Thank you for your feedback.
Form temporarily unavailable. Please try again or contact docfeedback@servicenow.com to submit your comments.
Versions
  • London
  • Kingston
  • Jakarta
  • Istanbul
  • Helsinki
  • Geneva
  • Store
Close

Define access to or from an application scope

Define access to or from an application scope

To set access for the entire application, or to pre-approve or deny future requests from a cross-scope script or application, you can create a record in the Restricted Caller Access Privileges [sys_restricted_caller_access] table.

Before you begin

Role required: admin or application admin

If application administration is enabled, only application administrators of the target application can set access to an application. If application administration is not enabled, an admin user can set access to an application.

Procedure

  1. Navigate to System Applications > Application Restricted Caller Access.
    The Restricted Caller Access Privileges [sys_restricted_caller_access] table opens.
  2. Complete the form.

    To allow access between two application scopes, set the Source Type and Target Type to Scope and select the appropriate Source Scope and Target Scope.

    Table 1. Restricted Caller Access fields
    Field Description
    Operation Operation on the target resource.
    • Read
    • Write
    • Create
    • Delete
    • Execute API
    Source Record of the calling script.
    Source Scope Scope of the calling application.
    Source Table Table that contains the Source record.
    Source Type Type of record calling the application resource.
    • Scope
    • Business Rule
    • UI Action
    • Script Include
    • Scheduled Script
    • Workflow Activity
    • Service Portal Widget
    • UI Macro
    • Orchestration RunScript Activity
    • Document Title
    • GlideScopedEvaluator
    • ACL

    To allow access from an entire application, select Scope.

    Status Status of the access request.
    • Requested
    • Denied
    • Allowed
    • Invalidated
    Note: If a calling resource changes, the restricted caller access record status changes to Invalidated. If application administration is enabled, only application administrators of the target application can update the status of a request.
    Target Record of the requested resource.
    Target Scope The scope of the requested resource.
    Target Table Table that contains the Target record.
    Target Type Type of requested resource.
    • Scope
    • Table
    • Script Include

    To allow access to an entire application, select Scope.