Zenity ServiceNow Integration via OAuth Authorization Code
This guide describes the technical prerequisites for setting up an integration between Zenity and ServiceNow using the OAuth Authorization Code flow for authentication. Follow this link to see the official ServiceNow documentation about this OAuth flow.
All ServiceNow authentication types are based on user-delegated access, which requires creating a connected application and a dedicated user assigned dedicated permissions.
Goals:
- Create a dedicated user account, assigned dedicated permissions, that Zenity will use for data collection.
- Create and set up a connected application that allows Zenity to authenticate and act on behalf of the dedicated user account under the restrictions of the dedicated permission set.
Instructions:
Step 1: Create a User and permission set for Zenity scan
Depending on your organization's procedures, you can either create a new user, or use an existing user and create a new permission set.
To create a new user:
- Go to ServiceNow organization All > Users >
- Create New User
- Fill in the username, name and email.
- Set the time zone to GMT.
- Click save.
To modify an existing user:
- Go to the existing user profile.
- Change the time zone to GMT.
- Click save.
To modify or create a new permission set:
- Go to the User Profile page.
- Under roles, click edit.
- Add the admin and snc_read_only roles.
- Click save.
Step 3: Create and configure an OAuth External API for Zenity scan
- Activate the OAuth 2.0 plugin. Follow this guide: link
- Go to All, type 'sys_properties.list' and press Enter. Set the system property "com.snc.platform.security.oauth.is.active" to true.
- Navigate to All > System OAuth > Application Registry.
- Click New and then click Create an OAuth API endpoint for external clients.
- Fill in the name, set the Redirect URL to "https://app.zenity.io/app/oauth-authorization-code-redirect", and make the application accessible from all application scopes. Set the refresh token lifespan to 1 year (31,557,600 seconds) and the access token lifespan to 30 min (1,800 seconds). Leave the secret blank; it will be generated automatically when the form is saved.
- Click save, and then write down the secret key and client ID.
Step 4: Create the integration in the Zenity portal
- Sign in to the Zenity portal, go to the Integrations page, click CREATE NEW and provide the following:
  - The ServiceNow instance URL of your organization.
  - The Client ID and Client Secret of the connected app you created in step 3. To find them:
    - Go to ServiceNow organization All > System OAuth > Application Registry > select the row of the API you created in step 3.
- Click the icon to sign in with ServiceNow. If you are not logged in, you will be asked to enter credentials to access the instance (log in with the user that has the desired permissions for Zenity).
- Click to approve access for Zenity. You will be redirected automatically to the add integration page; then click create.
IP Whitelisting Consideration
In our ongoing efforts to enhance the security and reliability of our software, we will be updating the public IP addresses used by our Services and APIs. If your company policy requires you to safelist IP addresses for your inbound integrations, please make sure the IPs below are safelisted.
- 18.200.62.37
- 52.31.196.233
- 108.128.206.229
- 99.81.56.225
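The following added example (not Zenity or ServiceNow code) audits an exported Application Registry record against the values in step 3 and flags API activity by the dedicated user from addresses outside the list above. The record field names, the comma-separated redirect URL format, the event format and the user name `zenity.svc` are assumptions; the sample data is constructed.

```python
import ipaddress
from urllib.parse import urlsplit

# Values stated in this guide.
REDIRECT = "https://app.zenity.io/app/oauth-authorization-code-redirect"
ACCESS_TTL, REFRESH_TTL = 1_800, 31_557_600
ZENITY_IPS = {ipaddress.ip_address(a) for a in
              ("18.200.62.37", "52.31.196.233", "108.128.206.229", "99.81.56.225")}

def audit_registry(rec):
    """Compare one exported Application Registry record (dict) with the guide.
    Field names are assumptions about the export; adjust to your instance."""
    findings = []
    # Every listed redirect URL can receive an authorization code, so extras are reported.
    urls = [u.strip() for u in rec.get("redirect_url", "").split(",") if u.strip()]
    if REDIRECT not in urls:
        findings.append("Zenity redirect URL missing")
    for u in urls:
        if u != REDIRECT:
            findings.append(f"extra redirect URL: {u}")
        if urlsplit(u).scheme != "https":
            findings.append(f"non-HTTPS redirect URL: {u}")
    for field, want in (("access_token_lifespan", ACCESS_TTL),
                        ("refresh_token_lifespan", REFRESH_TTL)):
        try:
            got = int(str(rec.get(field, "")).replace(",", ""))
        except ValueError:
            findings.append(f"{field} not numeric: {rec.get(field)!r}")
            continue
        if got != want:
            findings.append(f"{field} is {got}s, guide says {want}s")
    return findings

def unexpected_sources(events, user):
    """Return source IPs seen for the dedicated user that are not in the safelist."""
    bad = {ev["ip"] for ev in events
           if ev["user"] == user and ipaddress.ip_address(ev["ip"]) not in ZENITY_IPS}
    return sorted(bad)

# Constructed sample data (not from a real instance).
SAMPLE_RECORD = {"name": "Zenity", "redirect_url": REDIRECT + ", http://localhost:8080/cb",
                 "access_token_lifespan": "1800", "refresh_token_lifespan": "8640000"}
SAMPLE_EVENTS = [{"user": "zenity.svc", "ip": "52.31.196.233"},
                 {"user": "zenity.svc", "ip": "203.0.113.9"},
                 {"user": "jdoe", "ip": "198.51.100.4"}]

if __name__ == "__main__":
    print(audit_registry(SAMPLE_RECORD))
    print(unexpected_sources(SAMPLE_EVENTS, "zenity.svc"))
```

The interactive approval in step 4 is performed from an administrator's browser, so exclude that session when reviewing source addresses for the dedicated user.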