what roles needed for CMDB Instance API , ITIL role related queryIssue <!-- /*NS Branding Styles*/ --> .ns-kb-css-body-editor-container { p { font-size: 12pt; font-family: Lato; color: #000000; } span { font-size: 12pt; font-family: Lato; color: #000000; } h2 { font-size: 24pt; font-family: Lato; color: black; } h3 { font-size: 18pt; font-family: Lato; color: black; } h4 { font-size: 14pt; font-family: Lato; color: black; } a { font-size: 12pt; font-family: Lato; color: #00718F; } a:hover { font-size: 12pt; color: #024F69; } a:target { font-size: 12pt; color: #032D42; } a:visited { font-size: 12pt; color: #00718f; } ul { font-size: 12pt; font-family: Lato; } li { font-size: 12pt; font-family: Lato; } img { display: ; max-width: ; width: ; height: ; } } Which role needed for integration that requires the ServiceNow CMDB instance API.We have below given official documentation:https://www.servicenow.com/docs/bundle/zurich-api-reference/page/integrate/inbound-rest/concept/cmdb-instance-api.htmlWhich says: " The CMDB Instance API provides endpoints to create, read, update, and delete operations on existing Configuration Management Database (CMDB) tables. You can only insert, update, or delete one record at a time. This API requires the user have the ITIL role."Why does the CMDB API require the itil role, where a more suitable role might be appropriateA more suitable cmdb_role is required as it's already part of ITIL role to access CMDB as below, why can't we have just the below roles for integration user to access only CMDB related tables:cmdb_readcmdb_ms_editiorsn_cmdb_usercmdb_query_buildercmdb_ms_usersn_cmdb_editor Release<!-- /*NS Branding Styles*/ --> .ns-kb-css-body-editor-container { p { font-size: 12pt; font-family: Lato; color: #000000; } span { font-size: 12pt; font-family: Lato; color: #000000; } h2 { font-size: 24pt; font-family: Lato; color: black; } h3 { font-size: 18pt; font-family: Lato; color: black; } h4 { font-size: 14pt; font-family: Lato; color: black; } a { font-size: 12pt; font-family: Lato; color: #00718F; } a:hover { font-size: 12pt; color: #024F69; } a:target { font-size: 12pt; color: #032D42; } a:visited { font-size: 12pt; color: #00718f; } ul { font-size: 12pt; font-family: Lato; } li { font-size: 12pt; font-family: Lato; } img { display: ; max-width: ; width: ; height: ; } } Future release Resolution<!-- /*NS Branding Styles*/ --> .ns-kb-css-body-editor-container { p { font-size: 12pt; font-family: Lato; color: #000000; } span { font-size: 12pt; font-family: Lato; color: #000000; } h2 { font-size: 24pt; font-family: Lato; color: black; } h3 { font-size: 18pt; font-family: Lato; color: black; } h4 { font-size: 14pt; font-family: Lato; color: black; } a { font-size: 12pt; font-family: Lato; color: #00718F; } a:hover { font-size: 12pt; color: #024F69; } a:target { font-size: 12pt; color: #032D42; } a:visited { font-size: 12pt; color: #00718f; } ul { font-size: 12pt; font-family: Lato; } li { font-size: 12pt; font-family: Lato; } img { display: ; max-width: ; width: ; height: ; } } We have below given official documentation:https://www.servicenow.com/docs/bundle/zurich-api-reference/page/integrate/inbound-rest/concept/cmdb-instance-api.html This API requires the user have the ITIL role. This is is still valid till Zurich release, In future ITIL role will not be needed. We have below given story:STRY60991519 : Add and Replace SYS_SECURITY_ACL_ROLEs within plugin COM.SNC.CMDB (DIRS0000319 - Granular Admin Roles) "This work consists mainly of:- Removing ADMIN role from tables and other assets (like Rest Endpoints) . Wherever there is a configuration to ADMIN role, we have to replace it by SN_CMDB_ADMIN role.- For tables that have ITIL_ADMIN role, we have to add SN_CMDB_ADMIN role. The ITIL_ADMIN role will be removed in a future release.- For tables that have ITIL role, we have to add SN_CMDB_EDITOR. customers can add the sn_cmdb_admin / sn_cmdb_editor roles to their REST Endpoint ACL for now. The table/record level ACLs will pass, once they pass the REST API ACL. /sys_security_acl.do?sysId=bffaafa05310030026e2099c73dc3443