How to Restrict Access to Specific Tables for Integration

Use Case:

If you want to restrict full access to specific tables in ServiceNow for certain companies during integration, you can do this by adding Business Rules. This allows you to specify which tables you don't want to provide access to.

For example, if you only want to integrate Incidents and not Change Requests, you can restrict access to the ChangeRequest table.

Scenario:

Integrating ChangeRequest (ServiceNow) ↔︎ Story (Jira)

Sample integration ChangeRequest (ServiceNow) ↔︎ Story (Jira)

If you restrict access to the ChangeRequest table, attempting to create a Story in Jira will result in an error when trying to create a ChangeRequest in ServiceNow. This error will appear in the Getint integration logs.

How to Deny Access to the ChangeRequest Table

  • Go to Administration > Business Rule.

  • Follow the steps shown in the images below to create a new Business Rule.

  • Configure the fields as shown.

Create a new Business Rule
Everything should be set as in the picture above
Go to the Advanced tab and paste the script shown below

  • In the Advanced tab, paste the following script to block access to the ChangeRequest table:

(function executeRule(current, previous) {
	// Bypass restriction for admin users
    if (gs.hasRole('admin')) {
        return; // Allow admins to proceed
    }
    // Abort any operation on the change_request table
    current.setAbortAction(true); // Prevent any operation from completing
    // Apply a query that results in no records being returned
    current.addQuery('number', "00000000000"); // An invalid query to ensure no records are returned
})(current, previous);

This script will prevent any operation (Insert, Update, Query, or Delete) from happening on the ChangeRequest table by aborting the action and returning no records.

How to Restrict Access to Other Tables

To restrict access to other tables, simply repeat the steps described above for the ChangeRequest table.

The only change required is to select a different table in the Table field. You can restrict access to various tables such as:

  • Requested Item

  • Incident

  • Incident Task

  • Problem

  • Other tables like sys_dictionary or journal_field_type which we may have allowed access to in previous ACLs.

Summary

By following this approach, you can ensure that companies only access the tables necessary for their integration and block unwanted access to other tables.

If you need any further help or if you are experiencing issues with your installation, feel free to open a support ticket at our Support Portal.

Last updated

Was this helpful?