logo

NJP

← Back to News

Cross Scope Access Privilege error after editing Employee Center Header

Import · Oct 17, 2022 · article
Mark Roethof

Articles, Blogs, Videos, Podcasts, Share projects - Experiences from the field

Hi there,

Did you notice with Employee Center, when you update the Employee Center Header, suddenly several errors appear when loading Employee Center? And even when you revert the changes made, the errors won't disappear? Let's have a look at how can we fix these errors.

Cross scope access privilege

After updating the Employee Center Header with anything, errors like these will appear when loading Employee Center:

01.png

The exact reason why this occurs every time you update the Employee Center Header, I haven't found out yet. Though how can we fix these errors? Basically, there are two situations:

1. The Restricted Caller Access Privilege record does not exist

2. The Restricted Caller Access Privilege record is in a Status other than Allowed

Update Status Restricted Caller Access Privilege record

First have a look if the Restricted Caller Access Privilege record already exists. Navigate to:

System Applications > Application Restricted Caller Access

Then search for:

- Operation = Execute API (the first error mentions "Execute operation")

- Target = Script Include: todoPageUtils (the first error mentions "on script include 'todoPageUtils'")

- Source = Widget: Employee Center Header (the last error mentions "Employee Center Header", which of course is the Widget you updated)

If you find a match, have a look at the Status of the Restricted Caller Access Privilege record. Most likely the Status is "Invalidated" or "Requested". Make sure you are in the correct Application Scope (Employee Center Core), and update the Status to "Allowed".

After solving this error, it can happen that you run into a new error. For example:

02.png

Just repeat the previous steps followed. Search for Restricted Caller Access Privilege:

- Operation = Read (the first error mentions "Execute operation")

- Target = Table: sn_hr_integrations (the first error mentions "on table 'sn_hr_integrations_todo_inbound'")

- Source = Widget: Employee Center Header (the last error mentions "Employee Center Header", which of course is the Widget you updated)

If you find a match, have a look at the Status of the Restricted Caller Access Privilege record. Most likely the Status is "Invalidated" or "Requested". Make sure you are in the correct Application Scope (Employee Center Core), and update the Status to "Allowed".

Adding Restricted Caller Access Privilege

If searching the Restricted Caller Privilege record does not give any results, you would need to add the record yourself. This can be a bit of a struggle. So let's try to break down the error messages because these do actually contain all information needed to create a Restricted Caller Privilege record.

I will start with the fields on the right-side column, based on the error messages from the first image:

- Application = This is automatically filled, based on the active Application Scope. This should be the same Application Scope as the Target record is in.

- Target Scope = This should be the same Application Scope as the Target record is in.

- Target Type = The first error message mentions "Execute operation on script include 'todoPageUtils'". The Target type therefore should be Script Include.

- Target = The first error message mentions "Execute operation on script include 'todoPageUtils'". The Target therefore should be Script Include: todoPageUtils.

- Operation = The first error message mentions "Execute operation on script include 'todoPageUtils'". The Operation therefore should be Execute API.

- Source Scope = This should be the same Application Scope as the Source record is in.

- Source Type = The last error message mentions "Failing widget: 'Employee Center Header'". The Source type therefore should be Service Portal Widget

- Source Table = This is automatically filled, based on the Source Type.

- Source = The last error message mentions "Failing widget: 'Employee Center Header'". The Source therefore should be Widget: Employee Center Header (which of course is the Widget you updated)

- Status = Allowed

Result

After following the steps above, the error messages while loading Employee Center should not appear anymore and the Employee Center Header should be visible again.

03.png

---

Hope you like it. If any questions or remarks, let me know!

Kind regards,

Mark Roethof

Independent ServiceNow Consultant

3x ServiceNow Developer MVP

3x ServiceNow Community MVP

---

View original source

https://www.servicenow.com/community/employee-center-articles/cross-scope-access-privilege-error-after-editing-employee-center/ta-p/2353562