(Which methods are used to activate application restricted caller access?

Restricted caller access is enabled through a platform capability delivered as a plugin. The direct method to activate it is to activate the Scoped Application Restricted Caller Access plugin, which turns on the restricted caller access behavior and supporting controls for cross-scope interactions. Additionally, certain ServiceNow applications, such as HR Service Delivery or Security Incident Response, may require this capability and, when requested/installed, can drive activation of the necessary supporting features as part of meeting that application’s security model. That aligns to option B as an activation path tied to obtaining the applications that depend on the feature. Option A is not an activation method, it is a blanket security stance that does not represent how the feature is turned on in the platform. Option D is different functionality: Cross-Scope Access Override is a specific override mechanism for cross-scope calls and does not itself activate restricted caller access. The verified activation methods are the plugin activation and obtaining the applications that require it.