ServiceNow AP - Get Entities sys-ids - Successful with blank results

book

Article ID: 193763

calendar_today

Updated On:

Products

CA Release Automation - Release Operations Center (Nolio) CA Release Automation - DataManagement Server (Nolio)

Issue/Introduction

I'm trying to test the ServiceNow's Action Pack, action: Get Entities sys-ids

We're providing the table name (change_request) but it is still returning an empty result even though the Step Details shows "Found 1 entities".

We have tried without a filter and also with a filter of: [number:CHG0000001]



Cause

The problem was identified to be related to the permissions of the userid (supplied through the username field of the action). 

When the username field of the action uses a user with a certain level of insufficient permissions we see the following type of response in the agent's nolio_all.log file:

2020-06-24 17:03:50,793 [job-327710-jobServer-327721-6:ServiceNow - Get Entities sys-ids(P293.F1057.E1058):Action] INFO  (com.nolio.platform.shared.executables.actions.serviceNow.Utils:26) - response:

<?xml version='1.0' encoding='UTF-8'?><SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SOAP-ENV:Body>
    <getKeysResponse>
        <sys_id/>
        <count>0</count>
    </getKeysResponse>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>

Environment

Release : 6.5

Component : CA Release Automation Release Operations Center

Service Now Action Pack Version: 10.3.1503.1

ServiceNow Instance: New York

 

Resolution

The action succeeded after reconfiguring it to use a different user. 

The minimum permissions needed to make a given ServiceNow web service request does not seem to be a clear cut answer and therefore will need to be answered by a ServiceNow administrator who can advise on such ServiceNow matters as it relates to the WebService call/request being made. For this specific action we can see that it sends the a soap envelope request similar to the following:

envelope request:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:chan="http://www.service-now.com/change_request">
   <soapenv:Header/>
   <soapenv:Body>
      <chan:getKeys>
<number>CHG0000001</number>
     </chan:getKeys>
   </soapenv:Body>
</soapenv:Envelope>

Additional Information

A section of the service-now documentation that seems to relate to the change_request.do -> getKeys web service api call that we're making via this action. I found it here: https://docs.servicenow.com/bundle/orlando-application-development/page/integrate/web-services-apis/reference/r_DirectWebServiceAPIFunctions.html

 

A little higher in the documentation stack is this: https://docs.servicenow.com/bundle/orlando-application-development/page/integrate/inbound-soap/concept/c_SOAPWebService.html

From here we can see sections talking about using forms to limit or extend query response, return the display value for reference variables, etc. And from the main page itself it covers things like SOAP security policies, SOAP default security policy, WS-Security profiles, Strict security for web services. Under the "Strict security for web services" it talks about Contextual Security requirements to access instance resources from web services.

It isn't clear if any of the above information is the correct area to look for the minimum permissions needed to make a given ServiceNow web service request. This is why we advise consulting with a ServiceNow administrator. If a specific permission is identified/confirmed then do feel free to let us know and we will adjust this KB as necessary.