Skip to main content
Skyhigh Security

Integrate the ServiceNow API

Use the following procedure to register the ServiceNow application, and integrate the ServiceNow API in Skyhigh CASB.

Prerequisite

For ServiceNow ODS, the ServiceNow admin should have access to ServiceNow's sys_dictionary and sys_db_object tables. The ODS configuration page fetches the ServiceNow objects for scanning from ServiceNow's sys_dictionary and sys_db_object tables. If the ServiceNow admin does not have access to ServiceNow's sys_dictionary and sys_db_object tables, assign the personalize_dictionary role to the ServiceNow admin and ensure that the assigned personalize_dictionary role has Access to (Access Control List) the sys_dictionary with read access and sys_db_object with read access ACL's.

clipboard_eb3dc82d60b22d500483066a9c5118695.png

Register the ServiceNow Application

  1. Log in to ServiceNow with an Admin account.
  2. Create a new application in ServiceNow as described here and configure the following:
    clipboard_ec79ef204985f0801b4a7c0180782a1a8.png
US Production: https://www.myshn.net/shndash/extensions/OAuthCallbackController

clipboard_e4b9065ac06bc7638c63aec86159b0d76.png

Integrate the ServiceNow API in Skyhigh CASB

  1. Log in to Skyhigh CASB with your tenant and go to Settings > Service Management.
  2. Click Add Service Instance, select ServiceNow.
  3. Enter a name for the instance and click Done.
    clipboard_e83882b984c9ef47af50d41c0a279deb5.png
  4. Select the ServiceNow instance you created. 
  5. Go to the Setup tab and under API, click Enable.
  6. On the Enable API page, click Provide API Credentials.
    clipboard_ea6924b218a3011686de72cb2eaa874ed.png
  7. Enter the details of the Custom OAuth Application created in ServiceNow and click Submit.
    • For the ServiceNow URL, in this example, you would replace ven01114 with your own ServiceNow instance. 
    • For the Admin Email, enter the ServiceNow Admin email.
      clipboard_ebd7f66731c2e7366ee91d640ffb5680a.png
  8. Click Allow.
    clipboard_e0a002115cecbcec377d3bc94aaae05cc.png

After ServiceNow API Integration Setup, wait for an hour to configure ODS Scan because the files, connect chats, and table in ODS Scan UI will be visible after an hour.

NOTE: This note is applicable only if a reverse proxy is configured.

  • If your ServiceNow instance is configured through reverse proxy and while enabling API via a reverse proxy, you might encounter an error and may not see the Step 8  screen ( [clipboard_e0a002115cecbcec377d3bc94aaae05cc.png]--> click to view the screen) with options Allow/Deny. In that case, configure the following CAP policy to Skip Cert Check: Redirect All as shown in the below screenshot for the API user configured to enable API. 
    clipboard_e247f951ddb6934b7bb255e8a7948a20e.png
  • Was this article helpful?