Please clarify and comment the following concerns of the customer:
According to the customer's assessment these rights are necessary or might be necessary:
Single rights:
Create/Read/Update on:
· incident
Create/Read on:
· sys_journal_field
Roles (collection of rights):
· soap
· soap_create (included in soap. Not necessary but harmless)
· soap_delete (included in soap. Not necessary but harmless)
· soap_ecc (included in soap. Not necessary but harmless)
· soap_query (included in soap. Not necessary but harmless)
· soap_query_update (overlaps soap. Not necessary but harmless)
· soap_script (included in soap. Not necessary but harmless)
· soap_update (included in soap. Not necessary but harmless)
· odbc (Only required if the integration uses the ServiceNow ODBC driver)
According to the customer's assessment these rights are NOT necessary or not understandable rights:
Single rights:
· sys_db_object
* This is the list of all tables.
* The customer thinks that the integration only needs access to Incident and sys_journal_field tables.
* So why should they allow access tot he sys_db_object table?
· sys_dictionary
* This is the list of all table columns.
* Unless the integration does not execute an automatic mapping to custom columns (the ServiceNow Administrator created),
the customer can’t see why this right should be necessary.
· task
* Table that contains several other types of data except Incidents
* The Create/Read/Update right on the Incident tabel should be sufficient.
Roles (collection of rights):
· web_service_admin
* Required to create new Webservices in ServiceNow. Not required to consume them.
· mid_server
* The guide says midserver but we guess you mean mid_server.
* This role will usually be given to users defined in the ServiceNow Mid Server in order to realize communication between Mid Server and the ServiceNow instance.
· catalog_admin
* Is not related to the Incident module of ServiceNow. Used only for administration of the Service Catalog module.
· u_journal_entry_user
* This role is a Custom Role (as you can see on the prefix “u_”).
That is to say it does exist in a ServiceNow instance only if an administrator created it and did set some single rights.
* The manual does not say which rights would be required.
* Based on the name we assume that the rights overlap with the Create/Read right on the sys_journal_field table.