Use Case
We need the ability to join data from ServiceNow to the /account-activities data so in Power BI we can include information about the request from the IDN side and include the link to the ServiceNow request.
The ServiceNow workflow in the Service Catalog Integration has a step where it writes the accountActivityItemId to the ServiceNow record, so the join sequence is
-
ServiceNow (sn) to /access-request-status (ars) using sn.accountActivityItemId = ars.accountActivityItemId
-
/access-request-status (ars) to /account-activities (aa) using ars.accessRequestId = aa.id
We use the completed date on the account activity record to show the “Provision Date” on the report.
Here’s the issue
Access to the access-request-status endpoint requires a token with ORG_ADMIN access. Curiously, access to the /account-activities endpoint does not. They have virtually the same data, so why does one require such elevated permissions?
Workaround
If you utilize the clientMetadata object in the /access-requests payload, then you can put all the identifying information that you need there and link directly to the /account-activities record. We have done that, but it took us months to discover it was needed, so there are a bunch of records without clientMetadata on them, which is why the intermediate join using the /access-request-status data is required.