Skip to content

Activity Insights - ServiceNow

To display activity data from ServiceNow, you can set up a single SaaS connector or configure both a virtual appliance (VA) and Activity Insights - ServiceNow connector.

Configuring Activity Insights Using the ServiceNow SaaS Connector

If you are using the ServiceNow SaaS connector, follow the connector guide to enable Activity Insights.

After a successful test connection, you must correlate accounts and run an aggregation for the ServiceNow SaaS source. Your activity data will begin syncing immediately but may take up to 24 hours to display. Data will then update daily.

Note

If you previously configured both the ServiceNow identity governance and Activity Insights - ServiceNow connectors, you do not have to take additional action to continue receiving your data.

Configuring Activity Insights Using a VA-Based Source

If you are setting up Activity Insights using a VA-based connector, you must first create an OAuth2 client in ServiceNow. You'll then configure both the ServiceNow identity governance and Activity Insights - ServiceNow connectors so that Identity Security Cloud can gather your account information and display activity data.

Creating an OAuth2 Client in ServiceNow

To create an OAuth2 client in ServiceNow, log in to the ServiceNow Service Management console as an administrator.

  1. From the Admin Home page, enter "System OAuth" in the search bar on the left panel.

  2. Under System OAuth, select Application Registry.

  3. Select New to create a new OAuth2 client.

  4. Select Create an OAuth API endpoint for external clients.

  5. Enter the following OAuth2 client application details in the appropriate fields:

    • Name - A unique name for the client.

    • Application - The application scope for the OAuth2 client, such as Global.

    • Client ID - The Client ID is automatically generated by ServiceNow.

    • Client Secret - The Client Secret for the OAuth2 client. If you leave this field blank, ServiceNow automatically generates a client secret.

    • Redirect URL - (Optional) The URL that the authorization server redirects to.

    • Refresh Token Lifespan - The number of seconds that the refresh token is valid. This value should be a large number. The default validity is 8,640,000.

    • Access Token Lifespan - The number of seconds that the access token is valid. The default access token validity is 1,800 seconds.

  6. Select Submit to create the OAuth2 client. If the Client Secret field was left empty, a client secret is generated at this point.

  7. On the Application Registries page, select the OAuth2 client you created.
  8. Copy the Client ID and select the Padlock icon to display and copy the Client Secret. You’ll need this information to connect ServiceNow to Identity Security Cloud.

Configuring the ServiceNow Identity Governance Source

Follow the directions to configure your ServiceNow source in Identity Security Cloud. You can also edit an existing source.

Configuring the Activity Insights - ServiceNow Source

To display activity data from Activity Insights, you must configure the Activity Insights - ServiceNow source in Identity Security Cloud.

  1. Go to Admin > Connections > Sources.

  2. Select Create New to create a new source.

  3. Search for and select the Activity Insights - ServiceNow connector.

  4. Enter a name and description for the source.

  5. In the Source Owner field, begin typing the name of an owner. Matches appear after you type two letters.

  6. (Optional) Select a governance group for source management.

  7. Select the checkbox if the source is an authoritative source.

  8. Select Continue to create the source.

  9. Select Configuration from the left panel.

  10. Enter the following information:

    • Client ID - Your Client ID from ServiceNow.

    • Client Secret - Your Client Secret from ServiceNow.

    • Host URL - The Host URL for your ServiceNow instance that is used for communication. The Host URL uses the following format: https://instance-name.service-now.com.

    • Refresh Token - Use the following curl command to create a refresh token:

      1
2
3
4
5
6
7
8
      curl --location 'https://instancename.service-now.com/oauth_token.do' \
    --header 'Content-Type: application/x-www-form-urlencoded' \
    --data-urlencode 'grant_type=password' \
    --data-urlencode 'client_id=<client_id>' \
    --data-urlencode 'client_secret=<client_secret>' \
    --data-urlencode 'username=<username>' \
    --data-urlencode 'password=<password>' \
    --header 'Content-Type: application/json'

      Where:

      • <client_id> - The client ID generated by ServiceNow.

      • <client_secret> - The client secret from ServiceNow.

      • <username> - The username for the ServiceNow account.

      • <password> - The password for the ServiceNow account.

  11. Select Save to save these settings. 

  12. Select Review and Test from the left panel. 

  13. Select Test Connection to test the connection between the applications. You must have a successful connection for Identity Security Cloud to gather activity data. If the test is unsuccessful, retry your credentials or contact SailPoint Support. 

To gather account data, you must correlate accounts and run an aggregation for the ServiceNow identity governance source. Your activity data will begin syncing immediately but may take up to 24 hours to display. Data will then update daily.

Documentation Feedback

Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.