Restricting Access to User-Created Incidents in Integration

Lokesh Yanati
Tera Contributor

‎04-23-2025 05:09 AM

Hi,

Good day!!

We are planning to integrate our ServiceNow instance with a third-party vendor's ServiceNow instance. As part of this setup, we have created a user account and an OAuth profile. However, we would like to restrict access so that the third-party instance can only view incidents created by the integration user.

 

Could you please share your thoughts on how we can achieve this?

 

Thank you in advance for your assistance.

Labels:
0 Helpfuls
  • 215 Views
2 REPLIES 2

Ankur Bawiskar
Tera Patron
Tera Patron

‎04-23-2025 05:23 AM

@Lokesh Yanati 

how are they going to access the incident data?

you should not expose OOTB incident table API due to security issues.

Instead you should use scripted rest api which gives you control over what response they get when they consume ServiceNow API endpoint.

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
✨ Certified Technical Architect  ||  ✨ 9x ServiceNow MVP  ||  ✨ ServiceNow Community Leader
0 Helpfuls

Ankur Bawiskar
Tera Patron
Tera Patron

‎04-23-2025 05:28 AM

@Lokesh Yanati 

if you are still planning to use OOTB Table API then remember you should update the OOTB query business rule so that it takes into account this requirement

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
✨ Certified Technical Architect  ||  ✨ 9x ServiceNow MVP  ||  ✨ ServiceNow Community Leader
0 Helpfuls