When attempting to upload a file using the Attachment API, the upload is successful when using admin account credentials but it fails with non-admin accounts. We are getting following error :
java.lang.NullPointerException Check logs for error trace or enable glide.rest.debug property to verify REST request processing
The user is trying to attach to records they doesn't have access to. You will need to revise ACLs and user roles for those records for whom you are trying to create attachments.
The error is being generated during the ACLs evaluation - com.glide.sys.security.GlideSecurityManager.tableLevelACLAllow(GlideSecurityManager.java:82).
To create attachments, the user record used to authenticate the HTTP request with ServiceNow must have any roles required to create Attachment [sys_attachment] records. It must also have any roles required to read and write records on the target table, such as the itil role to add attachments to incident records.
By default there is no single role allowing a user to add attachments. You can create a role to explicitly allow adding attachments, then assign this role to the user account being used to make the request. Further information can be found in the public documentation linked below:
REST API roles
The required role is 'snc_platform_rest_api_access'.