Secure and protect a processor

  • 릴리스 버전: Australia
  • 업데이트 날짜 2026년 03월 12일
  • 소요 시간: 2분

    • You can protect your processor against unauthorized use by using role restrictions, and protect it by requiring a CSRF token.

    이 태스크 정보

    주:
    This feature is deprecated. While legacy, existing custom processors continue to be supported, creating new custom processors has been deprecated. Instead, use the Scripted REST APIs.

    You can re-use a table's user role restrictions to protect it from access by your processor. This protection method assumes the processor will access table data.

    프로시저

    1. Create or select a user role that has access to the table the processor script calls.
    2. Navigate to System Definition > Processors.
    3. In Script, add the following code block. 
      var now_GR = new GlideRecord('your_table_name');
// canRead() compares the table’s ACL to the user making this request, and returns true if the logged-in user has read access to this table
if(gr.canRead())  
{ 
  // Perform table query here  
  g_processor.writeOutput('Success!'); 
} else { 
  g_processor.writeOutput('You do not have permission to read table your_table_name'); 
}
    4. Update the code block to use other access restrictions as needed.

      Available access functions include:

      • canCreate()
      • canRead()
      • canWrite()
      • canDelete()
    5. Click Update.

    Protect a processor with a CSRF token

    You can protect a processor by requiring a CSRF token.

    이 태스크 정보

    Script type processors can require a CSRF token check before the processor runs.

    프로시저

    1. Navigate to All > System Definition > Processors.
    2. Open a processor record.
    3. Select the CSRF protect option.
    4. Click Update.