Enforce application scope restrictions [New in Security Center 1.3 and removed in 1.5]

Release version: Australia

Updated March 12, 2026

1 minute to read

Use the glide.record.legacy_cross_scope_access_policy_in_script property to control the permissions of scoped apps.

If the glide.record.legacy_cross_scope_access_policy_in_script property is set to true, scoped apps can call APIs which should only be available to global apps. This property bypasses the intended access controls for creating and updating developers for those scoped apps.

More information


Attribute	Description
Configuration name	glide.record.legacy_cross_scope_access_policy_in_script
Configuration type	System Properties (/sys_properties_list.do)
Data type	Boolean
Recommended value	false
Default value	true (when the property does not exist in the sys_properties table.)
Category	Access control
Security risk	Severity score: 3.5 CVSS score: Low Security risk details: If this property is not set to the recommended value, then scoped apps and delegated developers for those scoped apps can create and update records in global tables such as Incident.
Dependencies and prerequisites	None