Scripted REST API to create ... (#1934)

* Scripted REST API to create ...

...incidents in the correct domain

* Update README.md

Removed
1. Reference to Hacktoberfest
2. Removed PR Checklist which I included accidentally
3. Removed License information.

* Update create.js

removed reference to Hacktoberfest

* Update README.md

1. Removed all references to Hacktober fest
2. Removed PR Template
3. Added Prerequisites & Dependencies

Author: anurampalli

Integration/Scripted REST Api/DomainSeperation/README.md

@@ -0,0 +1,119 @@
+# ServiceNow Scripted REST API for creating incdents in the correct company/domain
+
+## Overview
+
+The API allows authenticated users to create new **Incident** records within their own domain and company context.
+
+> **DISCLAIMER**  
+> This script was developed and tested on a **ServiceNow Personal Developer Instance (PDI)**.  
+> It is intended for **educational and demonstration purposes only**.  
+> Please **test thoroughly in a dedicated development environment** before deploying to production.
+
+---
+
+## Features
+
+- Creates a new Incident record for the currently logged-in user.
+- Automatically assigns the user's domain and company to the incident.
+- Returns the generated incident number and domain in the response.
+
+---
+
+## Prerequisites & Dependencies
+
+Before using or testing this Scripted REST API, ensure the following conditions are met:
+
+1. **Domain Separation Plugin**
+
+   - The **Domain Separation** plugin must be activated on your instance.
+   - This enables `sys_domain` references and ensures incidents are created within the correct domain context.
+
+2. **Core Data Setup**
+
+   - Ensure valid entries exist in the **core_company** table.
+   - Each company should have an associated **domain** record in the **sys_domain** table.
+   - These relationships are critical for correct domain assignment during incident creation.
+
+3. **User Configuration**
+
+   - The user invoking this API must:
+     - Belong to a specific domain.
+     - Have the **snc_platform_rest_api_access** role to access Scripted REST APIs.
+   - Users must also have ACL permissions to:
+     - **Read** from the `sys_user` table.
+     - **Insert** into the `incident` table.
+
+4. **Instance Configuration**
+   - Tested and validated on a **ServiceNow Personal Developer Instance (PDI)**.
+   - Other environments should be configured with equivalent domain and company data for consistent results.
+
+---
+
+## Information
+
+- **Author**: Anasuya Rampalli ([anurampalli](https://github.com/anurampalli))
+- **Version**: 1.0
+- **Date**: 2025-10-08
+- **Context**: Scripted REST API (`create` function)
+- **Tested On**: ServiceNow Personal Developer Instance (PDI)
+
+---
+
+## Expected Request Format
+
+```json
+POST /api/your_namespace/your_endpoint
+Content-Type: application/json
+
+{
+  "short_description": "Issue description text"
+}
+```
+````
+
+---
+
+## Response Examples
+
+### Success
+
+```json
+{
+  "status": "success",
+  "incident_id": "INC0012345",
+  "domain": "TOP/Child Domain"
+}
+```
+
+### Error
+
+```json
+{
+  "error": {
+    "message": "User Not Authenticated",
+    "detail": "Required to provide Auth information"
+  },
+  "status": "failure"
+}
+```
+
+---
+
+## How It Works
+
+1. Extracts the `short_description` from the incoming JSON payload.
+2. Identifies the authenticated user via `gs.getUserID()`.
+3. Retrieves the user's domain and company using `sys_user`.
+4. Creates a new `incident` record with the user's domain, company, and description.
+5. Returns the incident number and domain in the response.
+
+---
+
+## Testing Tips
+
+- Use a valid ServiceNow PDI with Scripted REST API enabled.
+- Ensure the user is authenticated before making requests.
+- Check the `incident` table for newly created records.
+
+---
+

Integration/Scripted REST Api/DomainSeperation/create.js

@@ -0,0 +1,93 @@
+/**
+ *
+ * This script is provided for **educational and demonstration purposes only**.
+ * Please thoroughly **test in a dedicated development environment**
+ * before deploying to production.
+ *
+ * -----------------------------------------------------------------------------
+ * Script Purpose:
+ * Creates a new Incident record under the same domain and company as the
+ * currently logged-in user. Returns the generated incident number and domain.
+ * -----------------------------------------------------------------------------
+ *
+ * @author  Anasuya Rampalli (anurampalli)
+ * @version 1.0
+ * @date    2025-10-08
+ * @tested  On ServiceNow PDI (Personal Developer Instance)
+ * @context Scripted REST API (process function)
+ */
+
+/**
+ * Processes the incoming REST API request and creates an Incident
+ * for the authenticated user within their domain.
+ *
+ * @param {RESTAPIRequest} request  - The incoming REST API request object containing JSON payload.
+ * @param {RESTAPIResponse} response - The response object used to send results back to the client.
+ *
+ * Expected JSON Body:
+ * {
+ *   "short_description": "Issue description text"
+ * }
+ *
+ * Response Example (Success):
+ * {
+ *   "status": "success",
+ *   "incident_id": "INC0012345",
+ *   "domain": "TOP/Child Domain"
+ * }
+ *
+ * Response Example (Error):
+ * {
+ *   "error": {
+ *     "message": "User Not Authenticated",
+ *     "detail": "Required to provide Auth information"
+ *   },
+ *   "status": "failure"
+ * }
+ */
+(function process(/*RESTAPIRequest*/ request, /*RESTAPIResponse*/ response) {
+  var body = request.body.data;
+  var companyName = body.company;
+  var shortDesc = body.short_description;
+  //gs.info(gs.getUserID());
+  var userSysId = gs.getUserID();
+  var result = {};
+
+  try {
+    // looup user
+    var grUser = new GlideRecord("sys_user");
+    grUser.addQuery("sys_id", userSysId.toString());
+    grUser.query();
+    if (grUser.next()) {
+      var domain = grUser.sys_domain;
+      // Create new incident
+      var grIncident = new GlideRecord("incident");
+      grIncident.initialize();
+      grIncident.short_description = shortDesc;
+      grIncident.caller_id = userSysId;
+      gs.info("COMPANY: " + grUser.company.getDisplayValue());
+      grIncident.company = grUser.company;
+      grIncident.sys_domain = grUser.sys_domain; // domain reference comes from core_company
+      grIncident.insert();
+
+      let correlationId = grIncident.number;
+      gs.info(
+        "Domain Indcident API: inserted incident number: " + correlationId
+      );
+      result.status = "success";
+      result.incident_id = correlationId;
+      result.domain = grUser.sys_domain.getDisplayValue();
+    } else {
+      response.setStatus(404);
+      result.status = "error";
+      result.message = "User not found: " + companyName;
+    }
+  } catch (e) {
+    response.setStatus(500);
+    result.status = "error";
+    result.message = e.message;
+  }
+
+  response.setBody(result);
+})(request, response);
+