SOAP request strict security (instance security hardening)

Use the glide.soap.strict_security property to enforces web service security.

This property uses a combination of:

Basic authentication challenge/response over the HTTP protocol and
System level access controls in the Contextual Security: Role Management plugin.

If you set this property to true, it performs the following actions:

If the user has appropriate role to perform the operation, it checks incoming SOAP request for role authorization to validate. It occurs during SOAP web service calls/requests made against ServiceNow AI Platform tables when performing CREATE, READ, UPDATE or DELETE operations.
Checks the system-level ACLs while retrieving data in the form of SOAP data on the table.
Checks the field-level ACLs for any CRUD operation performed against a field of table.

More information

Search:


Attribute	Description
Property name	glide.soap.strict_security
Configuration type	System Properties (/sys_properties_list.do)
Configure in Instance Security Center	Yes
Purpose	Ensure security ACLs are checked and validated even when the records are accessed through SOAP calls
Recommended value	true
Functional Impact	This remediation enforces the system-level access control while retrieving data from tables/pages in the form of SOAP data on the instance. If there are users currently accessing this data, they are restricted/allowed to access the data based on the ACL rules. For the default roles that have access to the SOAP data, see SOAP roles .
Security risk	(High) Without appropriate authorization configured on the incoming SOAP requests, an unauthorized user can get access to sensitive content/data on the target instance.
References	Enforce strict security for inbound SOAP SOAP web service

To learn more about adding or creating a system property, see Add a system property.