Reduced Permission for ServiceNow Securlet

Article ID: 394699

Updated On:

Products

CASB Security Advanced, CASB Security Premium, CASB Security Standard, CASB Securlet SAAS, CASB Securlet SAAS With DLP-CDS

Issue/Introduction

You want to activate the ServiceNow Securlet without using the administrator role with Full Access to your ServiceNow enterprise account.

Resolution

Steps to be executed by ServiceNow Administrator

  1. Configure ACL-based access to the sysevent table:
    1. Navigate -> Tables -> sysevent -> Controls -> Create a separate ACL -> u_event_user
    2. Example screenshot of the sysevent table used to create the access control. (Note: Enable "Allow Access to this table via WebServices" if it is not already enabled.)
  2. Similarly, create ACL-based access to the following tables:
    1. sysevent (u_event_user)
    2. sys_attachment (u_attachment_user)
    3. sys_audit (u_sys_audit_user)
  3. Quarantine Table:
    1. Create a table to store quarantined files by following the tech doc (e.g., casb_quarantined_files)
    2. Create an access control for it
    3. Example Screenshot:
    4. Note: Involve CASB support and dev if the quarantine table is created in an application scope other than “Global”. They will update the precise name in tenantappparam(‘quarantine_table’).
  4. Create a user and assign the access controls/roles created in steps 1-3, along with the following additional roles:
    1. itil
    2. personalize_dictionary
    3. rest_service
    4. Sample screenshot of user roles that are required:
  5. Create an OAuth API endpoint (Application Registry)
    1. Sample Screenshot:
  6. Send the following details to the CASB administrator for ServiceNow activation:
    1. User credentials (user ID and password) created in step 3
    2. Client ID and Client Secret created in step 4
    3. ServiceNow instance name
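
Before handing the details over, the ServiceNow administrator can confirm that the new account matches the steps above. The following is an added example, not part of the original article or of the CASB product: it queries each table through the ServiceNow Table API and compares the account's roles with the ones listed here. The function names, the `FORBIDDEN_ROLES` set, the use of the ACL names as role names, and the bearer token (obtained separately through the OAuth endpoint from step 5) are assumptions.

```python
import json
import urllib.error
import urllib.request

# Tables and roles named in the steps above (role names taken from the ACL names).
REQUIRED_TABLES = ["sysevent", "sys_attachment", "sys_audit"]
EXPECTED_ROLES = {"u_event_user", "u_attachment_user", "u_sys_audit_user",
                  "itil", "personalize_dictionary", "rest_service"}
# Assumption: roles this reduced-permission setup is meant to avoid.
FORBIDDEN_ROLES = {"admin", "security_admin"}


def http_get(url, token):
    """Bearer-authenticated GET; returns (status, parsed JSON or None)."""
    req = urllib.request.Request(url, headers={
        "Authorization": f"Bearer {token}", "Accept": "application/json"})
    try:
        with urllib.request.urlopen(req, timeout=15) as resp:
            return resp.status, json.load(resp)
    except urllib.error.HTTPError as err:
        return err.code, None


def audit_account(instance, token, quarantine_table, roles,
                  extra_allowed=(), get=http_get):
    """Return a list of findings; an empty list means the account matches the steps."""
    findings = []
    base = f"https://{instance}.service-now.com/api/now/table/"
    for table in REQUIRED_TABLES + [quarantine_table]:
        status, _ = get(f"{base}{table}?sysparm_limit=1", token)
        if status != 200:
            findings.append(f"{table}: HTTP {status}, ACL or web service access missing")
    roles = set(roles)
    allowed = EXPECTED_ROLES | set(extra_allowed)
    for role in sorted(EXPECTED_ROLES - roles):
        findings.append(f"missing role: {role}")
    for role in sorted(roles & FORBIDDEN_ROLES):
        findings.append(f"over-privileged role present: {role}")
    for role in sorted(roles - allowed - FORBIDDEN_ROLES):
        findings.append(f"unexpected extra role: {role}")
    return findings


if __name__ == "__main__":
    # Constructed sample: fake responses, so this runs offline.
    fake = lambda url, tok: (403, None) if "/sys_audit?" in url else (200, {"result": []})
    for line in audit_account("example", "TOKEN", "casb_quarantined_files",
                              EXPECTED_ROLES | {"admin"}, get=fake):
        print(line)
```

Pass the role created for the quarantine table's access control in `extra_allowed` so it is not reported as unexpected.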

 

Steps to be executed by CASB Administrator

 

  1. The CASB administrator activates ServiceNow on CASB using the information provided in step 6.