Skip to content

Scripted REST API to create ... #1934

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 4 commits into from
Oct 8, 2025
Merged

Scripted REST API to create ... #1934

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
2267f1f
Scripted REST API to create ...
anurampalli Oct 7, 2025
8184c43
Update README.md
anurampalli Oct 8, 2025
1be2332
Update create.js
anurampalli Oct 8, 2025
afc91da
Update README.md
anurampalli Oct 8, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
119 changes: 119 additions & 0 deletions Integration/Scripted REST Api/DomainSeperation/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,119 @@
# ServiceNow Scripted REST API for creating incdents in the correct company/domain

## Overview

The API allows authenticated users to create new **Incident** records within their own domain and company context.

> **DISCLAIMER**
> This script was developed and tested on a **ServiceNow Personal Developer Instance (PDI)**.
> It is intended for **educational and demonstration purposes only**.
> Please **test thoroughly in a dedicated development environment** before deploying to production.

---

## Features

- Creates a new Incident record for the currently logged-in user.
- Automatically assigns the user's domain and company to the incident.
- Returns the generated incident number and domain in the response.

---

## Prerequisites & Dependencies

Before using or testing this Scripted REST API, ensure the following conditions are met:

1. **Domain Separation Plugin**

- The **Domain Separation** plugin must be activated on your instance.
- This enables `sys_domain` references and ensures incidents are created within the correct domain context.

2. **Core Data Setup**

- Ensure valid entries exist in the **core_company** table.
- Each company should have an associated **domain** record in the **sys_domain** table.
- These relationships are critical for correct domain assignment during incident creation.

3. **User Configuration**

- The user invoking this API must:
- Belong to a specific domain.
- Have the **snc_platform_rest_api_access** role to access Scripted REST APIs.
- Users must also have ACL permissions to:
- **Read** from the `sys_user` table.
- **Insert** into the `incident` table.

4. **Instance Configuration**
- Tested and validated on a **ServiceNow Personal Developer Instance (PDI)**.
- Other environments should be configured with equivalent domain and company data for consistent results.

---

## Information

- **Author**: Anasuya Rampalli ([anurampalli](https://github.com/anurampalli))
- **Version**: 1.0
- **Date**: 2025-10-08
- **Context**: Scripted REST API (`create` function)
- **Tested On**: ServiceNow Personal Developer Instance (PDI)

---

## Expected Request Format

```json
POST /api/your_namespace/your_endpoint
Content-Type: application/json

{
"short_description": "Issue description text"
}
```
````

---

## Response Examples

### Success

```json
{
"status": "success",
"incident_id": "INC0012345",
"domain": "TOP/Child Domain"
}
```

### Error

```json
{
"error": {
"message": "User Not Authenticated",
"detail": "Required to provide Auth information"
},
"status": "failure"
}
```

---

## How It Works

1. Extracts the `short_description` from the incoming JSON payload.
2. Identifies the authenticated user via `gs.getUserID()`.
3. Retrieves the user's domain and company using `sys_user`.
4. Creates a new `incident` record with the user's domain, company, and description.
5. Returns the incident number and domain in the response.

---

## Testing Tips

- Use a valid ServiceNow PDI with Scripted REST API enabled.
- Ensure the user is authenticated before making requests.
- Check the `incident` table for newly created records.

---

93 changes: 93 additions & 0 deletions Integration/Scripted REST Api/DomainSeperation/create.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,93 @@
/**
*
* This script is provided for **educational and demonstration purposes only**.
* Please thoroughly **test in a dedicated development environment**
* before deploying to production.
*
* -----------------------------------------------------------------------------
* Script Purpose:
* Creates a new Incident record under the same domain and company as the
* currently logged-in user. Returns the generated incident number and domain.
* -----------------------------------------------------------------------------
*
* @author Anasuya Rampalli (anurampalli)
* @version 1.0
* @date 2025-10-08
* @tested On ServiceNow PDI (Personal Developer Instance)
* @context Scripted REST API (process function)
*/

/**
* Processes the incoming REST API request and creates an Incident
* for the authenticated user within their domain.
*
* @param {RESTAPIRequest} request - The incoming REST API request object containing JSON payload.
* @param {RESTAPIResponse} response - The response object used to send results back to the client.
*
* Expected JSON Body:
* {
* "short_description": "Issue description text"
* }
*
* Response Example (Success):
* {
* "status": "success",
* "incident_id": "INC0012345",
* "domain": "TOP/Child Domain"
* }
*
* Response Example (Error):
* {
* "error": {
* "message": "User Not Authenticated",
* "detail": "Required to provide Auth information"
* },
* "status": "failure"
* }
*/
(function process(/*RESTAPIRequest*/ request, /*RESTAPIResponse*/ response) {
var body = request.body.data;
var companyName = body.company;
var shortDesc = body.short_description;
//gs.info(gs.getUserID());
var userSysId = gs.getUserID();
var result = {};

try {
// looup user
var grUser = new GlideRecord("sys_user");
grUser.addQuery("sys_id", userSysId.toString());
grUser.query();
if (grUser.next()) {
var domain = grUser.sys_domain;
// Create new incident
var grIncident = new GlideRecord("incident");
grIncident.initialize();
grIncident.short_description = shortDesc;
grIncident.caller_id = userSysId;
gs.info("COMPANY: " + grUser.company.getDisplayValue());
grIncident.company = grUser.company;
grIncident.sys_domain = grUser.sys_domain; // domain reference comes from core_company
grIncident.insert();

let correlationId = grIncident.number;
gs.info(
"Domain Indcident API: inserted incident number: " + correlationId
);
result.status = "success";
result.incident_id = correlationId;
result.domain = grUser.sys_domain.getDisplayValue();
} else {
response.setStatus(404);
result.status = "error";
result.message = "User not found: " + companyName;
}
} catch (e) {
response.setStatus(500);
result.status = "error";
result.message = e.message;
}

response.setBody(result);
})(request, response);

Loading