Script Request Authorization
This article is based on the ServiceNow support article. See the original article on the ServiceNow support site: ServiceNow HI: Script Request Authorization.
Requires authorization for incoming script requests.
| Script Request Authorization | |
|---|---|
| Property Name | glide.basicauth.required.scriptedprocessor |
| Configuration Type | System Properties (/sys_properties_list.do) |
| Purpose | To enforce script requests authorization. |
| Requirement | Mandatory |
| Recommended Value | True |
| Default Behavior | Set to true |
| Revertible behavior | N/A |
| Role required | Security_admin |
| Release Version | Winter 2010 |
| Functional Impact | (Medium) This remediation would enforce the authentication in the form of Basic auth while script requests are being processed on the instance. If there are guest users currently accessing this data, they will be restricted, and customer will have to create a new account for the user who needs access to this content, if applicable. |
| Security Risk | High - Without appropriate authorization configured on the incoming Script requests, an unauthorized user can get access to sensitive content/data on the target instance. |
| Workaround | No alternate method available. |
| References | https://docs.servicenow.com/bundle/kingston-servicenow-platform/page/integrate/inbound-soap/concept/c_BasicAuthentication.html |
How to configure
- Navigate to /sys_properties_list.do.
- Search for the property.
- Assign the recommended value as shown in the screenshot > Click Update.
