The One Identity Manager IT Shop allows users to request company resources such as applications, system roles, or group membership as well as non-IT resources such as mobile telephones or keys. The integration of the IT Shop in ServiceNow enables employees to request products directly from ServiceNow. This Integration also provides governance over IT request, by ensuring that clear audit trails and controls are in place to meet security and compliance requirements.
Using the One Identity Manager for Service Catalog App users can raise IT Shop requests with the fulfillment being handled by One Identity Manager. Having passed through an approval workflow in ServiceNow, requests then proceed to One Identity Manager. Requests are automatically created in One Identity Manager and the defined workflow starts. This provides the ability to leverage both workflow engines but also allows for self-service. ServiceNow users need an employee record in One Identity Manager to submit requests. Employees are synchronized into a ServiceNow application table using the One Identity Manager Application Server and are matched to ServiceNow Users (sysuser) using the central account (optionally a configurable property) and the UserID of the ServiceNow User.
An application-specific approval workflow, containing application-specific steps, is provided for ServiceNow and can be modified to meet your requirements. In One Identity Manager, the requests are processed by a flexible policy-based approval process. The request history makes it possible to follow who requested which company resource or hierarchical role and when it was requested, renewed, or canceled. By default, a product request by a user will require approval by the user’s manager. If the user has a manager, the approval goes to the manager and would be directed to a configurable group of fallback approvers if the user does not have a manager configured.
ServiceNow One Identity Manager App user can raise an IT request and the fulfillment of the request is handled by the approval workflow in ServiceNow. Based on the request approval outcome in ServiceNow, the request then proceeds to One Identity Manager by automation of request creation and proceeded by the kind of workflow attached to the service item. One Identity Manager data is read and updated by the integration using One Identity Manager Application Server. One Identity Manager Employees are synced into the ServiceNow custom users table based on the match between the central account (and optionally configured custom property) and the UserID of the ServiceNow User (sysusers), post which the ITShop request can be raised in ServiceNow.
The requests are processed by a flexible policy-based approval process. Introducing IT Shop avoids time-consuming demands within the company and reduces the administration effort. Requests follow a defined approval process which decides whether a product may be assigned or not. For Example, a product requested by the user goes for an approval workflow, if the user has a manager the approval goes to the manager and if the user doesn’t have any manager then it goes to fallback approver.
