Struggling to figure out why the GDPR data subject request webhook is consistently returning a 403 Forbidden error when attempting to write to our ServiceNow sn_gdpr_data_subject_request table via the Data Actions connector.
The environment is Genesys Cloud EU region (eu05) integrated with ServiceNow Washington DC instance. The MID server is configured with the correct OAuth2 client credentials and has been validated for other standard webhook integrations like incident creation. However, this specific compliance workflow fails at the ingestion layer.
The Architect flow correctly identifies the compliance:data_subject_request event. The Data Action is configured to map the request_id, customer_id, and request_type fields directly to the ServiceNow REST API endpoint. The payload structure matches the ServiceNow Table API documentation exactly, including the sysparm_fields query parameter.
{ "error": { "message": "Permission denied: Insufficient privileges to perform write operation on table sn_gdpr_data_subject_request", "code": "403" } }
The ServiceNow MID server logs show that the outbound request is being sent with the correct Authorization Bearer token. The token itself is valid and has not expired. We have confirmed that the ServiceNow user associated with the OAuth client has the sn_gdpr.admin and sn_gdpr.write roles assigned. Direct manual POST requests from Postman using the same token succeed without issue.
Is there a specific scope or permission boundary in Genesys Cloud Data Actions that restricts writes to certain ServiceNow tables? Or could this be related to the EU region’s stricter data residency policies affecting outbound webhook destinations? The documentation mentions support for compliance webhooks but lacks detail on ServiceNow-specific permission mappings for GDPR tables. Any insights into the exact permission check failing would be appreciated.