The glide.sc.req_for.roles.default property defines a default behavior for the retrieveAddress API.

This property takes effect only when glide.sc.req_for.roles has no values. If glide.sc.req_for.roles has values, this property has no significance and only users with the defined roles are given access to the API.

More information

| Attribute | Description |
| --- | --- |
| Property name | glide.sc.req_for.roles.default |
| Configuration type | System Properties (/sys_properties_list.do) |
| Category | Access control |
| Purpose | When there are no roles given in the property, the Client Callable Script Include ScriptServiceCatalogGetLocation can be called by any unprivileged logged-in user and can retrieve the address of any other user in the system. This property protects this API from being exposed to unprivileged users. |
| Recommended value | deny |
| Default value | deny |
| Configuration type | Choicelist (allow \| deny) |
| Security risk | (Moderate) If glide.sc.req_for.roles.default is set to allow rather than the recommended value of deny, and the value of glide.sc.req_for.roles is empty, then any user can request items for other users, allowing unauthorized resource access. |
| References | Client-callable script includes |

To learn more about adding or creating a system property, see Add a system property.
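
The interaction between the two properties can be checked offline with a small model. The following is an added example, not ServiceNow platform code: the function names, the comma-separated format assumed for glide.sc.req_for.roles, and the role names in the sample configurations are assumptions made for illustration.

```javascript
// Added example: a model of the documented decision, not ServiceNow platform code.
const ROLES = 'glide.sc.req_for.roles';
const DEFAULT = 'glide.sc.req_for.roles.default';

// Assumption: the roles property is a comma-separated list of role names.
function parseRoles(value) {
  return String(value == null ? '' : value)
    .split(',').map((r) => r.trim()).filter((r) => r.length > 0);
}

// The page gives deny as the default value, so an unset property is read as deny.
function readDefault(props) {
  const raw = props[DEFAULT];
  return raw == null || String(raw).trim() === '' ? 'deny' : String(raw).trim().toLowerCase();
}

// Can a logged-in user holding userRoles call the API under this configuration?
// Assumption of this model: only the literal value allow opens the API.
function canCall(props, userRoles) {
  const allowed = parseRoles(props[ROLES]);
  if (allowed.length > 0) {
    return userRoles.some((r) => allowed.includes(r)); // default is ignored
  }
  return readDefault(props) === 'allow';
}

// Classify a configuration for a hardening review.
function audit(props) {
  const allowed = parseRoles(props[ROLES]);
  const def = readDefault(props);
  if (allowed.length === 0) {
    return def === 'deny' ? 'ok' : def === 'allow' ? 'exposed' : 'review';
  }
  // Roles are set, so the default is inert today; a non-deny value
  // becomes live if the roles list is ever cleared.
  return def === 'deny' ? 'ok' : 'latent';
}

// Constructed sample configurations (role names are hypothetical).
const SAMPLES = {
  hardened: { [ROLES]: '', [DEFAULT]: 'deny' },
  exposed: { [ROLES]: ' , ', [DEFAULT]: 'allow' },
  restricted: { [ROLES]: 'catalog_requester, itil', [DEFAULT]: 'allow' },
};

function report() {
  return Object.keys(SAMPLES).map((k) => `${k}: ${audit(SAMPLES[k])}`);
}
```

The `latent` result marks a configuration that is safe only while the roles list stays populated, which is why deny remains the recommended value even when roles are defined.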