Open Navigation

Servicenow

Automated IT Service Management

Overview

ServiceNow is an enterprise service management platform that allows users to submit requests for technical support for hardware, software, applications, and more. It delivers digital workflows that unlock productivity and simplify the complexity of work.

Authentication

When using the Servicenow connector, the first thing you will have to do is click on 'New Authentication' in the step editor:

add-auth

You then need to enter your Servicenow Instance URL, username and password:

servicenow-auth

General management of roles and permissions

In order to access all the operations available in the Servicenow connector, you will need to make sure the user you authenticate with has the correct roles/permissions assigned in the Servicenow admin UI.

We need to configure access to the following in Servicenow:

  • users
  • tables
  • incidents
  • business services
  • config items

Managing tables, roles etc. in Servicenow is a pretty complex undertaking but the following information should start you on the path to getting set up correctly!

To configure a user's access rights you can go to the Roles section of the Servicenow menu and create a new role (e.g. 'tray-user') to be assigned to the user you are authenticating with above.

You can then assign multiple pre-configured roles using the Edit button in the Contains Roles tab:

servicenow-role-contains-roles-tab-1

In the above example:

  • user_admin would give the rights to use the Tray List Users operation
  • usage_admin would give access to the filter by role option in the Tray List Users operation (see note below on finding system roles)
  • itil, itil_admin and incident_manager would give varying levels of rights to the Tray Incidents operations (you would only need to choose one, depending on your requirements)
  • u_mike_table_user gives specific access to a table which can be used in the Tray Tables operations (see below section on Access Control and Table Operations for details on setting up table access)

Some individual permissions can be set in a more 'granular' fashion in the Modules with Role tab:

servicenow-role-modules-with-role-2

Using Access Control and Table Operations

Another approach to permissions is Access Control. This can be set when a table is created:

servicenow-table-access-control-1

After creating a table and adding some columns you will need to choose 'Elevate Roles' from the admin drop-down in the top right of the above screenshot, in order to make your session a security_admin session.

In the Controls tab if you tick the Create access controls box you will see that a new User role is automatically created.

If you scroll down then you can see the individual access controls which have been set:

servicenow-individual-access-controls-1

You will need to add the extra table.* controls to enable actions on individual records in the table. This is done by clicking on the New button above and then setting the operation and the field (in this case we are using * to apply to any field, but you could specify e.g. Product, Details etc.). You also need to specify the role that it applies to:

servicenow-create-access-control-1

Once you click Submit you will see that the Access Control is added to the list, and you can repeat for the delete, read and write actions.

Once the Access Controls have been setup correctly, you can return to the e.g. 'tray-user' role and add the role to the Contains Roles tab:

servicenow-role-contains-roles-tab-2

Finding out what system roles have access to tables and fields

If you look up the system User (sys_user) table you can investigate Access Controls for individual fields in the table:

servicenow-user-table

Click on Roles, followed by the sys_user.roles 'read' Access Control:

servicenow click sys user roles

You can then scroll down and see that Requires role specifies that usage_admin is the only role, besides the admin super user, which has this permission:

servicenow-see-usage-admin-role

This is how we know to use the usage_admin role to allow access to the 'filter by role' action in the Tray List Users operation.

Notes on operations usage

List Table Records

When using the 'List Table Records' operation you must specify the name of the table, which is visible in the Name column of the Tables list:

servicenow-tables-list

Available operations

Was this article helpful?
Yes
No