ServiceNow on Connect iPaaS uses Basic Authentication and OAuth 2.0. By linking your ServiceNow account with Connect iPaaS, you can authorize RoboMQ to have a delegated access on your behalf. RoboMQ needs the following permissions on your account to provide a seamless integration experience.
|User account||To interact with all records|
|itil||Connect iPaaS by default support “incident” table, therefore we need to this role to access the incident table.|
|import_transformer||Connect iPaaS needs to make call to the import set REST API to insert/update, this is the role for import set REST API call.|
|personalize_choices||In order to help our user to make better decision designing a workflow, Connect iPaaS will populate the existing column value for “Choice” data type when user configure a table in the workflow.|
|personalize_dictionary||In order to help our user to setup the data mapping or event filter for a table, Connect iPaaS will query the available columns of a table and let user choose from a dropdown list.|
|x_srbtd_robomq_con.robomq_staging_table_list_user||This is the role to access the prepackaged table “RoboMQ Staging Table List”.|
|x_srbtd_robomq_con.robomq_trigger_user||This is the role to access the prepackaged table “RoboMQ Trigger”.|
Please refer to the document "An Integration with OAuth 2.0" to know more about Oauth 2.0 and the scopes in ServiceNow.
Using the Basic Authentication connection mechanism, you authorize Connect iPaaS to have the same level of access as the user principal of the account that generated the Username and Password. These permissions may be more permissive than what could be achieved by using OAuth. For security considerations, we recommend using OAuth wherever available.
Create a Basic Authentication Connection¶
To link your ServiceNow account using Basic Authentication, you first have to specify your
ServiceNow Instance URL.
What is an Instance URL?¶
When you visit the website, you can find the ServiceNow URL as
https://abc.service-now.com. This URL is your domain name.
Create an OAuth Connection¶
To link your ServiceNow account using OAuth, you have to specify your
ServiceNow Instance URL,
Client Secret. For getting the Client ID and Client Secret, you have to set up an OAuth application on the ServiceNow platform. OAuth allows you to grant access to Connect iPaaS by obtaining a token.
Only Istanbul (or later) versions of ServiceNow supports OAuth connection. Make sure that your ServiceNow version supports this when selecting OAuth as authentication type on Connect iPaaS.
Setting up Connection using OAuth 2.0 On ServiceNow¶
Before you begin, make sure you have OAuth set up on your ServiceNow instance.
The admin role is required to set up the OAuth on ServiceNow.
There are three steps to set up the OAuth:
- Activate OAuth
- Set OAuth Activation Property as true
- Create an OAuth application registry
The three steps are explained as follows. You can also read the complete guide for more details.
- Navigate to System Definition > Plugins.
- Find and click the plugin OAuth 2.0
- Click the Activate/Upgrade under Related Links
Set OAuth Activation Property¶
- Type sys_properties.list in the Filter Navigator and then click New
- Fill the form
- Name: com.snc.platform.security.oauth.is.active
- Type: true | false
- Value: true
Create an OAuth Application Registry¶
- Navigate to System OAuth > Application Registry and then click New.
- Select 'Create an OAuth API' endpoint for external clients and then fill in the form.
- Click submit.
Next, create an endpoint for a client application to gain access to your ServiceNow instance. During this setup step, you will need to use the following URLs:
When the client application is successfully set up, use the Client ID and Client Secret while creating a ServiceNow connection in Connect iPaaS.
When you click on the
Link Account button, you will be redirected to the ServiceNow Authentication screen and then to the application page where you can check
allow RoboMQ to access your account.