Application restricted caller access settings Restricted caller access settings enable an admin user to define cross-scope access to an application or application resource and allow or deny requests for access. Records in the Restricted Caller Access [sys_restricted_caller_access] table track cross-scope applications or scripts that request access to an application or application resource. The system creates records when: Caller access is set to Caller Restriction or Caller Tracking. A cross-scope script attempts to access an application resource. Using these records, an admin user or an application admin can: Track cross-scope requests for access to an application resource. Approve or deny any cross-scope requests for access to an application resource. Alternatively, an admin can create a record in the Restricted Caller Access table to allow all scope-to-scope requests, or to allow all future requests to all application resources in the target scope. If a calling resource changes, the restricted caller access record moves to an Invalidated status. An admin user or an application admin can update the status of the request accordingly. Activating application restricted caller access You can activate application restricted caller access through one of the following methods: Activate the Scoped Application Restricted Caller Access plugin (com.glide.scope.access.restricted_caller). Request the HR Service Delivery or Security Incident Response applications. These applications have application restricted caller access active by default. Activate application restricted caller accessYou can activate the Scoped Application Restricted Caller Access plugin (com.glide.scope.access.restricted_caller) if you have the admin role. Define cross-scope access to an application resourceAdmin users can track cross-scope requests for access to an application resource, and approve or deny requests. Define access to or from an application scopeTo set access for the entire application, or to pre-approve or deny future requests from a cross-scope script or application, you can create a record in the Restricted Caller Access Privileges [sys_restricted_caller_access] table.