Mandatory fields
ServiceNow is a service management platform that can be used for many different business units, including IT, human resources, facilities, and field services.
ServiceNow connectors are available for use with One Identity Safeguard for Privileged Passwords.
Supervisor configuration parameters for ServiceNow v.1.0
To configure the connector, following parameters are required:
-
Connector name
-
Username for the cloud account
-
Password for the cloud account
-
Custom Properties (List of custom properties, if any, to be mapped)
For more information, see Configuring custom attributes for ServiceNow v.1.0.
-
SCIM URL (Cloud application's REST API's base URL)
Configuring custom attributes for ServiceNow v.1.0
You can configure custom attributes for the ServiceNow v.1.0 connector when you configure the connector in Starling Connect by adding the custom attributes in the Custom Properties field in the defined format.
Supervisor configuration parameters for ServiceNow v.2.0
To configure the connector, following parameters are required:
-
Connector name
-
Username for the cloud account
-
Password for the cloud account
-
SCIM URL (Cloud application's REST API's base URL)
Configuring custom attributes for ServiceNow v.2.0
You can configure custom attributes for the ServiceNow v.2.0 SCIM connector in Starling Connect for Users, Groups and Roles in the Custom Attributes section in Schema Configuration.
NOTE:
- For more information about how to configure custom attributes in ServiceNowv.2.0, see Configuring custom attributes in connectors.
- As the ServiceNow target system does not support disabling of attributes, the ServiceNow connector is enhanced only to support the configuration of custom attributes in the SCIM connector.
-
If a custom attribute is a complex attribute, then you must enter it in the following format in Starling Connect:
<custom_attribute>$$<nested_attribute>.
For example,
"parent": {
"link": "https://dev60043.service-now.com/api/now/table/sys_user_group/b85d44954a3623120004689b2d5dd60a",
"value": "b85d44954a3623120004689b2d5dd60a"
}
you must enter as parent$$value in Starling Connect.
-
The connector supports single level of navigation only.
Supported objects and operations
Users
Table 50: Supported operations for Users
Create |
POST |
Update |
PUT |
Delete |
DELETE |
Get all users |
GET |
Get (Id) |
GET |
Pagination |
GET |
Groups
Table 51: Supported operations for Groups
Create |
POST |
Update |
PUT |
Delete |
DELETE |
Get all groups |
GET |
Get (id) |
GET |
Get |
GET |
Pagination |
GET |
Roles
Table 52: Supported operations for Roles
Get All Roles |
GET |
Get Role (Id) |
GET |
Users
Groups
User and Group mapping
The user and group mapping is listed in the table below.
Table 53: User mapping
userName |
user_name |
name.familyName |
last_name |
name.givenName |
first_name |
name.middleName |
middle_name |
displayName |
name |
emails[0].value |
email |
addresses[0].streetAddress |
street |
addresses[0].locality |
city |
addresses[0].region |
state |
addresses[0].postalCode |
zip |
addresses[0].country |
country |
phoneNumbers[0].value(type=work) |
phone |
title |
title |
preferredLanguage |
preferred_language |
timeZone |
time_zone |
active |
active |
password |
user_password |
roles.value |
{resource}.role.value |
extension.organization |
company |
extension.department |
department |
extension.manager.value |
manager.value |
extension.employeeNumber |
employee_number |
id |
sys_id |
groups.value |
{resource}.group.value |
extension.lastLogon |
last_login_time |
PhoneNumbers[0].value(type=mobile) |
mobile_phone |
Table 54: Group mapping
id |
sys_id |
displayName |
name |
members.value |
{resource}.user.value |
extension.description |
description |
extension.email |
email |
extension.groupType |
type |
extension.manager.value |
manager.value |
Connector versions and features
The following subsections describe the different connector version(s) and features available with them.
Supported Versions
The supported versions of ServiceNow connector are:
Connector limitations
-
ServiceProviderAuthority contains only the Id field with the value being same as the instance id of the ServiceNow instance, as there are no APIs to fetch the tenant details in ServiceNow.
-
If the department name and organization name is provided during user create or update operations, the user gets assigned to the department and organization if the department and organization with the same name exists in ServiceNow cloud application.
-
If the invalid manager id is used for user's manager fields while performing user create or update operations, ServiceNow does not display any error. Instead, it invalid id is returned as the manager id.
- In the request, if there are invalid values for timezone, language, and so on, ServiceNow does not display any error. Instead, the fields with invalid values would be blank.
-
GET Roles operation might not fetch all the roles. Some roles must be retrieved based on ServiceNow Access Control List (ACL).
- If an invalid role id is used for user create or update operation, no error is displayed. Instead, the same invalid id in the role list is returned.
-
If an invalid member id is used for group create or update, no error is displayed. Instead, the same invalid id as the member id is returned.
-
Create User operation with existing user details shows the status code as 403 instead 409. The status code and the status message cannot be interpreted.
Connector versions and features
ServiceNow is a service management platform that can be used for many different business units, including IT, human resources, facilities, and field services.
ServiceNow connectors are available for use with One Identity Safeguard for Privileged Passwords.
Supervisor configuration parameters for ServiceNow v.1.0
To configure the connector, following parameters are required:
-
Connector name
-
Username for the cloud account
-
Password for the cloud account
-
Custom Properties (List of custom properties, if any, to be mapped)
For more information, see Configuring custom attributes for ServiceNow v.1.0.
-
SCIM URL (Cloud application's REST API's base URL)
Configuring custom attributes for ServiceNow v.1.0
You can configure custom attributes for the ServiceNow v.1.0 connector when you configure the connector in Starling Connect by adding the custom attributes in the Custom Properties field in the defined format.
Supervisor configuration parameters for ServiceNow v.2.0
To configure the connector, following parameters are required:
-
Connector name
-
Username for the cloud account
-
Password for the cloud account
-
SCIM URL (Cloud application's REST API's base URL)
Configuring custom attributes for ServiceNow v.2.0
You can configure custom attributes for the ServiceNow v.2.0 SCIM connector in Starling Connect for Users, Groups and Roles in the Custom Attributes section in Schema Configuration.
NOTE:
- For more information about how to configure custom attributes in ServiceNowv.2.0, see Configuring custom attributes in connectors.
- As the ServiceNow target system does not support disabling of attributes, the ServiceNow connector is enhanced only to support the configuration of custom attributes in the SCIM connector.
-
If a custom attribute is a complex attribute, then you must enter it in the following format in Starling Connect:
<custom_attribute>$$<nested_attribute>.
For example,
"parent": {
"link": "https://dev60043.service-now.com/api/now/table/sys_user_group/b85d44954a3623120004689b2d5dd60a",
"value": "b85d44954a3623120004689b2d5dd60a"
}
you must enter as parent$$value in Starling Connect.
-
The connector supports single level of navigation only.
Supported objects and operations
Users
Table 50: Supported operations for Users
Create |
POST |
Update |
PUT |
Delete |
DELETE |
Get all users |
GET |
Get (Id) |
GET |
Pagination |
GET |
Groups
Table 51: Supported operations for Groups
Create |
POST |
Update |
PUT |
Delete |
DELETE |
Get all groups |
GET |
Get (id) |
GET |
Get |
GET |
Pagination |
GET |
Roles
Table 52: Supported operations for Roles
Get All Roles |
GET |
Get Role (Id) |
GET |
Mandatory fields
Users
Groups
User and Group mapping
The user and group mapping is listed in the table below.
Table 53: User mapping
userName |
user_name |
name.familyName |
last_name |
name.givenName |
first_name |
name.middleName |
middle_name |
displayName |
name |
emails[0].value |
email |
addresses[0].streetAddress |
street |
addresses[0].locality |
city |
addresses[0].region |
state |
addresses[0].postalCode |
zip |
addresses[0].country |
country |
phoneNumbers[0].value(type=work) |
phone |
title |
title |
preferredLanguage |
preferred_language |
timeZone |
time_zone |
active |
active |
password |
user_password |
roles.value |
{resource}.role.value |
extension.organization |
company |
extension.department |
department |
extension.manager.value |
manager.value |
extension.employeeNumber |
employee_number |
id |
sys_id |
groups.value |
{resource}.group.value |
extension.lastLogon |
last_login_time |
PhoneNumbers[0].value(type=mobile) |
mobile_phone |
Table 54: Group mapping
id |
sys_id |
displayName |
name |
members.value |
{resource}.user.value |
extension.description |
description |
extension.email |
email |
extension.groupType |
type |
extension.manager.value |
manager.value |
The following subsections describe the different connector version(s) and features available with them.
Supported Versions
The supported versions of ServiceNow connector are:
Connector limitations
-
ServiceProviderAuthority contains only the Id field with the value being same as the instance id of the ServiceNow instance, as there are no APIs to fetch the tenant details in ServiceNow.
-
If the department name and organization name is provided during user create or update operations, the user gets assigned to the department and organization if the department and organization with the same name exists in ServiceNow cloud application.
-
If the invalid manager id is used for user's manager fields while performing user create or update operations, ServiceNow does not display any error. Instead, it invalid id is returned as the manager id.
- In the request, if there are invalid values for timezone, language, and so on, ServiceNow does not display any error. Instead, the fields with invalid values would be blank.
-
GET Roles operation might not fetch all the roles. Some roles must be retrieved based on ServiceNow Access Control List (ACL).
- If an invalid role id is used for user create or update operation, no error is displayed. Instead, the same invalid id in the role list is returned.
-
If an invalid member id is used for group create or update, no error is displayed. Instead, the same invalid id as the member id is returned.
-
Create User operation with existing user details shows the status code as 403 instead 409. The status code and the status message cannot be interpreted.
Connector limitations
ServiceNow is a service management platform that can be used for many different business units, including IT, human resources, facilities, and field services.
ServiceNow connectors are available for use with One Identity Safeguard for Privileged Passwords.
Supervisor configuration parameters for ServiceNow v.1.0
To configure the connector, following parameters are required:
-
Connector name
-
Username for the cloud account
-
Password for the cloud account
-
Custom Properties (List of custom properties, if any, to be mapped)
For more information, see Configuring custom attributes for ServiceNow v.1.0.
-
SCIM URL (Cloud application's REST API's base URL)
Configuring custom attributes for ServiceNow v.1.0
You can configure custom attributes for the ServiceNow v.1.0 connector when you configure the connector in Starling Connect by adding the custom attributes in the Custom Properties field in the defined format.
Supervisor configuration parameters for ServiceNow v.2.0
To configure the connector, following parameters are required:
-
Connector name
-
Username for the cloud account
-
Password for the cloud account
-
SCIM URL (Cloud application's REST API's base URL)
Configuring custom attributes for ServiceNow v.2.0
You can configure custom attributes for the ServiceNow v.2.0 SCIM connector in Starling Connect for Users, Groups and Roles in the Custom Attributes section in Schema Configuration.
NOTE:
- For more information about how to configure custom attributes in ServiceNowv.2.0, see Configuring custom attributes in connectors.
- As the ServiceNow target system does not support disabling of attributes, the ServiceNow connector is enhanced only to support the configuration of custom attributes in the SCIM connector.
-
If a custom attribute is a complex attribute, then you must enter it in the following format in Starling Connect:
<custom_attribute>$$<nested_attribute>.
For example,
"parent": {
"link": "https://dev60043.service-now.com/api/now/table/sys_user_group/b85d44954a3623120004689b2d5dd60a",
"value": "b85d44954a3623120004689b2d5dd60a"
}
you must enter as parent$$value in Starling Connect.
-
The connector supports single level of navigation only.
Supported objects and operations
Users
Table 50: Supported operations for Users
Create |
POST |
Update |
PUT |
Delete |
DELETE |
Get all users |
GET |
Get (Id) |
GET |
Pagination |
GET |
Groups
Table 51: Supported operations for Groups
Create |
POST |
Update |
PUT |
Delete |
DELETE |
Get all groups |
GET |
Get (id) |
GET |
Get |
GET |
Pagination |
GET |
Roles
Table 52: Supported operations for Roles
Get All Roles |
GET |
Get Role (Id) |
GET |
Mandatory fields
Users
Groups
User and Group mapping
The user and group mapping is listed in the table below.
Table 53: User mapping
userName |
user_name |
name.familyName |
last_name |
name.givenName |
first_name |
name.middleName |
middle_name |
displayName |
name |
emails[0].value |
email |
addresses[0].streetAddress |
street |
addresses[0].locality |
city |
addresses[0].region |
state |
addresses[0].postalCode |
zip |
addresses[0].country |
country |
phoneNumbers[0].value(type=work) |
phone |
title |
title |
preferredLanguage |
preferred_language |
timeZone |
time_zone |
active |
active |
password |
user_password |
roles.value |
{resource}.role.value |
extension.organization |
company |
extension.department |
department |
extension.manager.value |
manager.value |
extension.employeeNumber |
employee_number |
id |
sys_id |
groups.value |
{resource}.group.value |
extension.lastLogon |
last_login_time |
PhoneNumbers[0].value(type=mobile) |
mobile_phone |
Table 54: Group mapping
id |
sys_id |
displayName |
name |
members.value |
{resource}.user.value |
extension.description |
description |
extension.email |
email |
extension.groupType |
type |
extension.manager.value |
manager.value |
Connector versions and features
The following subsections describe the different connector version(s) and features available with them.
Supported Versions
The supported versions of ServiceNow connector are:
-
ServiceProviderAuthority contains only the Id field with the value being same as the instance id of the ServiceNow instance, as there are no APIs to fetch the tenant details in ServiceNow.
-
If the department name and organization name is provided during user create or update operations, the user gets assigned to the department and organization if the department and organization with the same name exists in ServiceNow cloud application.
-
If the invalid manager id is used for user's manager fields while performing user create or update operations, ServiceNow does not display any error. Instead, it invalid id is returned as the manager id.
- In the request, if there are invalid values for timezone, language, and so on, ServiceNow does not display any error. Instead, the fields with invalid values would be blank.
-
GET Roles operation might not fetch all the roles. Some roles must be retrieved based on ServiceNow Access Control List (ACL).
- If an invalid role id is used for user create or update operation, no error is displayed. Instead, the same invalid id in the role list is returned.
-
If an invalid member id is used for group create or update, no error is displayed. Instead, the same invalid id as the member id is returned.
-
Create User operation with existing user details shows the status code as 403 instead 409. The status code and the status message cannot be interpreted.
Dropbox
Dropbox offers secure file sharing and storage. It helps users manage sharing capabilities with groups and external collaborators through central folders with granular permissions.
Supervisor configuration parameters
To configure the connector, following parameters are required:
Supported objects and operations
Users
Table 55: Supported operations for Users
Create |
POST |
Update |
PUT |
Delete |
DELETE |
Get all users |
GET |
Get user by Id |
GET |
Get users with pagination |
GET |
Groups
Table 56: Supported operations for Groups
Create |
POST |
Update |
PUT |
Delete |
DELETE |
Get all groups |
GET |
Get group by Id |
GET |
Get groups with pagination |
GET |
Roles
Table 57: Supported operations for Roles
Get all roles |
GET |
Get role by Id |
GET |
Mandatory fields
Users
Groups
User and Group mapping
The user and group mappings are listed in the tables below.
Table 58: User mapping
id |
profile.team_member_id |
externalId |
profile.external_id |
userName |
profile.email |
name.familyName |
profile.name.surname |
name.givenName |
profile.name.given_name |
name.formatted |
profile.name.display_name |
displayName |
profile.name.display_name |
emails[0].value |
profile.email |
active |
profile.status[".tag"] |
groups |
profile.groups |
roles |
role[".tag"] |
meta.created |
profile.joined_on |
Table 59: Group mapping
id |
group_id |
displayName |
group_name |
members[].value |
members[].profile.team_member_id |
members[].display |
members[].profile.name.display_name |
enterpriseExtension.externalId |
group_external_id |
meta.created |
created |
Connector limitations
-
The LastModified date is not applicable for Groups.
- Both created and lastModified dates are not applicable for Users.
-
Invalid Target URL returns the below mentioned status code and error message.
- Status code: 500
- Error message: There was an issue processing this request error.
-
User's role cannot be updated.
-
The user cannot be set as active while performing create or update.
-
The information about groups will not be present in the Create user response.
-
The Dropbox user statuses active and invited are considered as active in the connector.
-
APIs are not available to retrieve roles from Dropbox. Hence, the endpoints of the connector's roles provide predefined set of roles.
-
Deleted members cannot be added to a group. In a request to add multiple members to a group, if any user is deleted (members_not_in_team), then the entire request is not carried out.
-
The userName property for user is read-only. However, this can be updated by updating the emails → value. The emails → value has been mapped against userName.
-
Dropbox returns error 500 without any message being shown, on cursor pagination with cursor length equal to 1. The same is observed when trying to update a deleted group. In this case, the connector returns the following error code and message:
- Error Code: 400
- Error message: Error occurred.