Prerequisites for the ServiceNow v2 (Beta) connector in Jitterbit Studio

Introduction

To configure a ServiceNow v2 (Beta) connection and use its activities, you must have an authenticating user with specific permissions associated with your ServiceNow instance. If using OAuth 2.0 authentication, an OAuth API endpoint and its client ID and client secret are also required.

Basic authentication requirements:

• Create an authenticating user and set permissions

OAuth 2.0 authentication requirements:

• Create an authenticating user and set permissions

• Create an OAuth API endpoint and retrieve its client ID and client secret

Create an authenticating user and set permissions

This section describes how to create an authenticating user and set the required permissions for use with the ServiceNow v2 (Beta) connector. The connector requires these permissions to retrieve metadata from ServiceNow when an activity is configured.

Follow these steps:

1. Elevate your role: The security_admin elevated role is temporarily required to complete the other steps in this section.

2. Create a custom role for the authenticating user: A custom role with specific permissions is required for the authenticating user.

3. Create an authenticating user: The authenticating user credentials are entered into the ServiceNow v2 (Beta) connection during connector configuration.

4. Create access control lists for the activities: Two separate Access Control List (ACL) records using the custom role are required for each ServiceNow v2 (Beta) activity to function as intended.

5. Assign roles to the authenticating user: The custom role and two additional system roles must be assigned to the authenticating user.

Elevate your role

The security_admin elevated role is temporarily required to complete the other steps in this section. Follow these steps to obtain the elevated role:

1. From anywhere within the ServiceNow instance, click the user icon located in the top-right corner of the page and then click Elevate role.

2. Select security_admin and click Update.

Create a custom role for the authenticating user

A custom role with specific permissions is required for the authenticating user. Follow these steps to create the custom role:

1. Click the All menu and navigate to User Administration > Roles.

2. Create a new custom role that the authenticating user will use on behalf of the Jitterbit agent by clicking New.

3. Complete the form with the following information:

   • Name: Enter an appropriate name for the role such as jitterbit_harmony_agent.

     Note

     The name of a role cannot be changed once the role is created.

   • Application: Leave as the default Global.

   • Requires Subscription: Leave as the default Unspecified.

   • Elevated privilege: Leave as the default unselected.

   • Description: Enter an appropriate description, such as Used by the authenticating user on behalf of the Jitterbit agent.

4. Click Submit to create the new role.

Create an authenticating user

The authenticating user credentials are entered into the ServiceNow v2 (Beta) connection during connector configuration. Creating a separate user with an appropriate name rather than using an existing user is recommended. Follow these steps to create the authenticating user:

1. Click the All menu and navigate to System Security > Users and Groups > Users.

2. Create a new user that will be the authenticating user on behalf of the Jitterbit agent by clicking New.

3. Complete the form, entering an appropriate User ID (such as jitterbit_harmony_agent).

4. Set a password for the new user by clicking Set Password and following the instructions in the resulting screen.

Create access control lists for the activities

Two separate Access Control List (ACL) records using the custom role are required for each ServiceNow v2 (Beta) activity to function as intended. Follow these steps to configure both ACLs with the correct records:

1. Click the All menu and navigate to System Security > Access Control.

2. Create a new ACL record by clicking New.

3. Configure these settings for the new ACL record:

   • Type: Select record from the menu.

   • Operation: Select the appropriate ServiceNow operation from the menu. The read operation is the minimum operation type required to make a ServiceNow v2 (Beta) connection. These are the ServiceNow operations that are required for each ServiceNow v2 (Beta) activity:

     ServiceNow v2 (Beta) connector activity	ServiceNow operation
     Query	read
     Create	create
     Update	write
     Delete	delete

     Note

     If the appropriate ServiceNow operation for an activity is not configured in the ServiceNow instance, an error will be returned at runtime by the connector.

   • Name: To grant access to the sys_db_object, enter sys_db_object and select Table [sys_db_object] from the menu. Leave the second menu set to --None--.

   • Requires role: Under Role, double-click Insert a new row and then enter the previously created custom role (such as jitterbit_harmony_agent). Click the green checkmark to add the role to the ACL.

4. Click Submit to create the new ACL. You will be prompted to verify the settings to complete the creation of the new list.

5. Repeat the previous three steps and grant access to the sys_glide_object for the four ServiceNow operations by specifying Field class [sys_glide_object] in the Name field. Assign the same previously created custom role as above.

If you create an ACL record for each connector activity in each of the two tables, you will have created eight new records when complete. You can sort the table of Access Controls by the Updated date and these new records will appear at the top.

Assign roles to the authenticating user

The custom role and two additional system roles must be assigned to the authenticating user. Follow these steps to assign the roles:

1. Assign roles to the authenticating user by navigating to User Administration > Users and opening the authenticating user (such as jitterbit_harmony_agent) that you previously created.

2. In its Roles tab, click Edit and double-click the custom role created above to add it to the authenticating user's Related Links roles. In the same screen, you must also add the two roles personalize_dictionary and itil to the Roles list to enable access to the sys_dictionary and itil tables.

3. Click Update to save the configuration for the authenticating user.

Create an OAuth API endpoint and retrieve its client ID and client secret

If using OAuth 2.0 authentication, follow these steps to create an OAuth API endpoint and retrieve its client ID and client secret for use in the ServiceNow v2 (Beta) connection:

1. Sign in at the ServiceNow Developer Portal and click Start Building for your ServiceNow instance.

2. From anywhere within the ServiceNow instance, open the All menu and navigate to System OAuth > Application Registry.

3. On the Application Registries page, click the New button.

4. Click Create an OAuth API endpoint for external clients.

5. Enter these details for your app:

   • Name: Enter a unique name for the application, such as Jitterbit agent.

   • Client ID: Copy this value. This will be the Client ID in the ServiceNow v2 (Beta) connection.

   • Client Secret: Enter a value or leave blank for ServiceNow to generate a value. This will be the Client secret in the ServiceNow v2 (Beta) connection.

   • Active: Ensure that Active is selected.

6. Click Submit to create the new OAuth API endpoint.

7. If you left the Client Secret blank so that ServiceNow would generate a value, reopen the entry to view and copy the client secret.

Next steps

After you complete the steps described on this page, you can use the authenticating user's username with its password and the created OAuth application's client ID and secret (if applicable) in the ServiceNow v2 (Beta) connection.