If the service package is to be run without authentication, set up an access group that provides only the minimum capabilities to service requestors and reference it here. For example, you can include an access role (Rule-Access-Role-Name rule type) that linked to Access of Role to Object rules (Rule-Access-Role-Obj rule type) that limits which classes the service can view or update. Also, review the service activity to ensure that there is no combination of input parameters that allows the activity to perform more than the service needs.
Click the Open icon to open the access group data instance.