Restrict write access on system fields to admin users [New in Security Center 7.0]
Use the glide.rest.table_api.admin_only_sys_fields system property to control write access the fields generated by the system.
The glide.rest.table_api.admin_only_sys_fields property controls write access to these fields:
- sys_id
- sys_created_by
- sys_created_on
- sys_updated_by
- sys_updated_on
When this property is set to true, only an admin can write to these fields that are system-generated values. When the property is set to false or it doesn't exist in the System Properties [sys_properties] table, users who have create or write access to a table can write to these system values using the Table API.
Set the property glide.rest.table_api.admin_only_sys_fields to true to prevent non-admin users from updating system fields on records.
More information
| Attribute | Description |
|---|---|
| Configuration name | glide.rest.table_api.admin_only_sys_fields |
| Configuration type | System Properties (/sys_properties_list.do) |
| Data type | Boolean |
| Recommended value | true |
| Default value | false |
| Fallback value | false |
| Category | Access control |
| Security risk |
|
| Functional impact | Any integrations or users without the admin role that use the Table API to create or update records and change these fields are impacted. These requests to the Table API set the query parameter sysparm_suppress_auto_sys_field to false and set those fields in the request body. |
| Dependencies and prerequisites | None |
To learn more about adding or creating a system property, see Add a system property.