Configuring provisioning for ServiceNow

Use this task to provision users from Verify to a Service Now application.

Before you begin

You need API keys that are generated from Service Now. You need the following parameters to configure user provisioning in Verify.
  • Instance Name
  • Username
  • Password
  • Client ID
  • Client secret

About this task

Provisioning provides the following features.
Create new users
Users who are entitled to the ServiceNow application through Verify are also created in the ServiceNow application if they do not exist.
Delete users
When users lose access to the application in Verify the corresponding users in the ServiceNow application are deleted.
Modify user profile
Updates made to the user's profile through Verify are pushed to the ServiceNow application.
User suspend and restore
Suspending a user through Verify deactivates the user and restoring the user through Verify activates the user in the ServiceNow application.
User synchronization and remediation
The ServiceNow application supports user synchronization, remediation, and group synchronization features.

User synchronization fetches all the target application users in Verify and matches the fetched users with users in Verify. The adoption policy defined on the application specifies the matching attributes for adoption of the reconciled users.

Remediation policy can be configured to remediate user accounts with attribute values that differ between Verify and the target application. Verify supports the following three remediation policies.
  • NONE - Do not remediate non-compliant accounts automatically.
  • ON_SV - Update Verify account attribute values with the target application values.
  • ON_TARGET - Update target application account attribute values with Verify values.

Group synchronization fetches all the target application groups and roles in Verify.

Fine grained entitlement
Fine grained entitlement is supported for the ServiceNow application. Synchronization fetched all ServiceNow application groups and roles. Users can be added to or removed from groups and roles.

Procedure

  1. Log in as an admin user to your ServiceNow instance by using the following URL:
    https://<ServiceNow Instance>
  2. In the System OAuth section in the left menu, click Application Registry.
  3. Click New > Create an OAuth API endpoint for external clients.
  4. Specify the information for the following fields.
    • Name
    • Accessible from
    • Active
    • Refresh Token Lifespan
    • Access Token Lifespan
  5. Click Submit.
  6. Copy the values that are generated for Client ID and Client Secret.
  7. Note the following parameters that are required to configure provisioning in Verify.
    • Instance Name
    • Username
    • Password
    • Client ID
    • Client secret