RESTAPI: Restricting Permissions to Read-Only for Choice Table

NoySmr
Tera Contributor

 

Hello,

I am using the following GET query to retrieve all possible states for incidents:

https://yourinstance.service-now.com/api/now/table/sys_choice?sysparm_query=name=incident&element=st...

 

I’ve added the "personalize_choices" rule to my user, but now the user has the ability to add or update records in the choice table as well.

How can I restrict the permissions to read-only access for this operation, so the user can only retrieve the data without modifying it?

 

Thanks in advance for your help! 🙂

4 REPLIES 4

Vishal Jaswal
Giga Sage

Hello @NoySmr 

 

instead of personalize_choice role, create a custom role and create read acl on sys_choice table and add this custom role in acl.


Hope that helps!

Ankur Bawiskar
Tera Patron
Tera Patron

@NoySmr 

What's the business requirement to allow API for some user to simply see the choices?

I won't recommend that.

To handle this you can use a scripted REST API and in your script you can share the choices

With this you get control on what's asked and what response you can share in the API.

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

I only need the options for states to which I can change the incident

NoySmr
Tera Contributor

I only need the options for states to which I can change the incident.