Allow snc_external user to make HTTP GET request to download Excel of a table

Go to solution
Javier Tirado1
Tera Guru

‎04-15-2024 12:27 AM

I have a table widget on the CSM Portal displaying Business Services of the account of the logged in customer. The display of the information is made through a Database View which involve 3 different tables. To export the table data, I use HTTP GET request using a premade link to download Excel and CSV format documents of the information displayed on the widget. The URL looks like this:

var cURL = "/" + c.data.table + "_list.do?"+ type +"&sysparm_query=" + c.data.exportQueryEncoded + "&sysparm_fields=" + c.data.fields_array;

Where type is either EXCEL or CSV.

When the customer clicks the button, a 403: Forbidden error appears on console. I know it is an ACL problem, but I tried to give read access to all tables related to the Database View and had the same result. The script has no problem, as I try it with an snc_internal user and it downloads it without an issue. I also tried to download EXCEL files from the Case widget (also uses http request) and it can do it.

I want to find out what specific ACL I need to set for the customer so it can make HTTP GET requests on the table.

0 Helpfuls
  • 550 Views
1 ACCEPTED SOLUTION

Go to solution
Javier Tirado1
Tera Guru

‎04-23-2024 11:38 PM

Hey! So.. at the end I figured out it was an access restriction to one field of one of the tables inside the Database View. I noticed when I extracted the sysparm_query from the URL, and once I knew it was the query then I started looking for the specific field. Access Analyzer is your best tool in the system guys 😉

View solution in original post

0 Helpfuls
2 REPLIES 2

Go to solution
Sohail Khilji
Kilo Patron
Kilo Patron

‎04-15-2024 12:48 AM

Hi @Javier Tirado1 ,

 

Secondly, it must be ACL issues which i belive you must have sorted.

 

But, primarily any user trying to access service now table info would need certain roles and permission to access. snc internal or external roles may not help to access the info.

 

To the user account provide the roles, also enable to rest check box :

rest_api_explorer

rest_service

web_service_admin


☑️ Please mark responses as HELPFUL or ACCEPT SOLUTION to assist future users in finding the right solution....

LinkedIn - Lets Connect

0 Helpfuls

Go to solution
Javier Tirado1
Tera Guru

‎04-23-2024 11:38 PM

Hey! So.. at the end I figured out it was an access restriction to one field of one of the tables inside the Database View. I noticed when I extracted the sysparm_query from the URL, and once I knew it was the query then I started looking for the specific field. Access Analyzer is your best tool in the system guys 😉

0 Helpfuls