Domain picker on Software Asset Workspace shows "Error: Could not load domain configurations."Issue Domain picker on Software Asset Workspace shows "Error: Could not load domain configurations.". "domain configurations" is the label of the "domain" table. The user will be able to list at least their own domain in a normal list view, showing record level APIs are not the issue:https://<instance>.service-now.com/domain_list.do The Browser debug's Javascript console will also show a 403 status error for this rest request, which is to the REST Table API, for the domain table. The instance appnode localhost log will show the error "RESTAPIProcessor : User Not Authorized" and "response_status:403": 1534434 /api/now/table/domainPage: api/now/table/domainQuery Count: 2Complete: falseDebug: false12:10:59.160 TIME = 0:00:00.000 PATH = processor/RESTAPIProcessor/execute CONTEXT = RESTAPIProcessor App: Global RC = true RULE =12:10:59.160 #1534434 [REST API] RESTAPIProcessor : User Not Authorized12:10:59.161 *** End #1534434 /api/now/table/domain, user: <sam admin user>, impersonated by: <admin user>, total time: 0:00:00.000, processing time: 0:00:00.000, CPU time: 0:00:00.000, SQL time: 0:00:00.001 (count: 2), ACL time: 0:00:00.001, source: 10.59.21.134, type: rest , method:null, api_name:null, resource:null, version:null, user_id:xxxx, response_status:403 ReleaseDomain Separation environmentsCauseThe instance has probably been hardened by activating the REST Endpoint ACL for the Table API. This is an out-of-box ACL, but is inactive by default. https://<instance>.service-now.com/sys_security_acl.do?sys_id=9ef8bc918733320025fbd1a936cb0bdd Role required: snc_platform_rest_api_access If this is active, and the user does not have the snc_platform_rest_api_access role, the Software Asset Workspace can't get the list of domains due to that ACL blocking it.ResolutionYou could add the snc_platform_rest_api_access role to the sam_admin role, or sam_user role, so that any users with those roles also inherit the snc_platform_rest_api_access role. Docs: Software Asset Management roles Docs: Add a role to an existing role Note: Giving these users that role will allow them access to any table via the Table API, not just domain. Record/field level APIs would still apply for the data in those tables, as when a user opens lists/forms when logged into the instance