Description
The ServiceNow connector uses the ServiceNow Table REST API to discover users, roles, and role assignments within a ServiceNow instance. It authenticates using Basic authentication or OAuth 2.0 and enumerates sys_user, sys_user_role, and sys_user_has_role table records to provide complete visibility into ITSM platform access, including admin and privileged role holders.
System Type Classification
| Field | Value |
|---|
| System Type | Application |
| Default Scan Priority | 500 |
Version Support
| OrbisID Edition | Supported |
|---|
| Community | No |
| Pro | Yes |
| Enterprise | Yes |
Supported Protocol
| Protocol | Port | Notes |
|---|
| Table REST API (HTTPS) | 443 TCP | HTTP Basic authentication or OAuth 2.0 |
What OrbisID Discovers
| Data | Source |
|---|
| Users | GET /api/now/table/sys_user |
| Roles | GET /api/now/table/sys_user_role |
| Role assignments | GET /api/now/table/sys_user_has_role |
| Groups | GET /api/now/table/sys_user_group |
| Group memberships | GET /api/now/table/sys_user_grmember |
| User enabled state | active field |
Connection Requirements
Required Permissions
Create a dedicated integration user with read access to user and role tables.
Minimum permissions:
- snc_read_only role or equivalent
- Read access to
sys_user, sys_user_role, sys_user_has_role, and sys_user_group tables
Credential Mapping
| OrbisID Field | Value |
|---|
credential.username | ServiceNow integration username |
credential.password | ServiceNow password |
system.hostname | Instance hostname (e.g., myorg.service-now.com) |
Network Requirements
The OrbisID server must have HTTPS access to the ServiceNow instance on port 443.
Configuration Steps
- In ServiceNow, create a service account: User Administration → Users → New
- Assign the
snc_read_only role or grant table-specific read ACLs
- Create a Credential in OrbisID:
- Username: ServiceNow integration username
- Password: ServiceNow password
- Navigate to Systems → Add System
- Fill in the fields:
| Field | Value |
|---|
| Name | Descriptive name (e.g., ServiceNow – Production) |
| OS Type | ServiceNow |
| System Type | Application |
| Hostname | ServiceNow instance hostname |
| Credential | The scanning credential |
- Click Test Connection
- Click Save
Troubleshooting
| Symptom | Likely Cause | Resolution |
|---|
401 Unauthorized | Invalid credentials | Verify username and password in ServiceNow |
| No users returned | Missing table read ACL | Grant read access to sys_user table for the service account |
403 Forbidden | IP address restriction | Add OrbisID server IP to the ServiceNow IP allowlist |
| Partial data | Pagination limit | OrbisID uses sysparm_limit and offset pagination automatically |