Once an IT Shop request is created, it follows the defined approval process. If manager approval is enabled in the configuration parameters, the request is routed to the manager for approval. The manager needs an appropriate role, such as the approver_user role, to be able to approve or reject the IT Shop request.
Once a synchronization operation completes, One Identity Manager managers can optionally be added to a configured approval role. The configuration parameters for automatically adding One Identity Manager managers to the approver role are:
NOTE: The role could be chargeable. Consult a ServiceNow representative regarding the cost involved before enabling this configuration parameter.
The One Identity Manager ServiceNow application uses custom tables to store application-related configuration and data that are synchronized from One Identity Manager. Details of the tables are summarized below.
Configuration Parameters
This table is used to store the One Identity Manager ServiceNow application configuration parameters that can be edited according to the business requirement. This table is only visible to the users with the admin role.
The following table contains a summary of all the custom columns added.
| Column Name | Descriptions |
|---|---|
| Config param | This column defines the name of the configuration parameter |
| Config desc | This column provides the configuration parameter description |
| Config value | This column is used to enter the value for the config parameter |
| Config value encrypted | This column is used to enter sensitive data for security reasons. For example, password |
OneIM_Requests
All One Identity requests are stored in this custom table. Any ServiceNow user can read data from this table.

| Column Name | Descriptions |
|---|---|
| Number | One Identity Manager request number. |
| Stage | Stage of the One Identity Manager request |
| Opened | The time when the request was created. |
| Opened by | The ServiceNow user who created the request. |
| State | Current state of the request |
| Requested For | The user for whom the request is raised |
| Service category | Name of the One Identity Manager service category |
| Service Item | Name of the One Identity Manager service item |
| Service Item ID | GUID of the One Identity Manager service item |
| SOD Result | Result of the SOD check and validations |
| Reason | Reason for the request |
| Request Properties | This column stores the request properties of the service item. |
| UID_ShoppingCartItem | GUID of the One Identity Manager ShoppingCartItem |
| UID_shoppingCartOrder | GUID of the One Identity Manager ShoppingCartOrder |
| Valid_From | The date from which the request is valid |
| Valid_Until | The date until which the request is valid |
| Short description | Short description for the One Identity Manager request. |
| Active | This column specifies if the request is active or not. |
IT Shop Service Category
Service Categories in One Identity Manager ITShop are synchronized from One Identity Manager to ServiceNow into this custom table. This table is only accessible to the users with the admin role.
The following table contains a summary of all the custom columns added.
| Column Name | Descriptions |
|---|---|
| Service Category | This column provides the name of the service category in the IT shop service catalog |
| Description | This column provides the description relating to the respective service catalog given in the One Identity Manager |
| Unique ID | This column stores the GUID of the service catalog present in One Identity Manager |
| XobjectKey | This column stores the XObjectKey for the respective Service catalog in One Identity Manager |
IT Shop Service Category – User (Deprecated)
This table is deprecated now. Mappings between the One Identity Manager ITShop ServiceCategory and Users are synchronized into this table. This table is only accessible to the users with the admin role.
The following table contains a summary of all the custom columns added.
| Column Name | Descriptions |
|---|---|
| Service Category | This column provides the name of the service category in the IT shop service catalog |
| User | Name of the user that has the resources |
IT Shop Service Items (Deprecated)
This table is deprecated now. IT Shop services created under the IT Shop Service Category are synchronized into this table in ServiceNow and are used for assigning the service items in the ServiceNow catalog page. This table is only visible to the users with the admin role.
The following table contains a summary of all the custom columns added.
| Column Name | Descriptions |
|---|---|
| Service Item | Name of the Service Item created in the One Identity Manager IT Shop |
| Unique ID | GUID of the Service Item created in One Identity Manager |
| Service Category | Name of the service category under which the Service Item is created in One Identity Manager |
| UID_ITShopOrg | GUID of IT Shop Org present in One Identity Manager |
| XObjectKey | Unique XObject Key Present in One Identity Manager |
IT Shop Service Items - User (Deprecated)
This table is deprecated now. Mappings between the One Identity Manager ITShop ServiceItems and Users are synchronized into this table. This table is only visible to the users with the admin role.
The following table contains a summary of all the custom columns added.
| Column Name | Descriptions |
|---|---|
| Service Item | Name of the Service Item created in the One Identity Manager IT Shop |
| Service Category | Name of the service category under which the Service Item is created in One Identity Manager |
| User | Name of the user that has the resources |
Shopping Cart Order (Deprecated)
This table is deprecated now. All the request orders that are created for a user on the ServiceNow catalog page are stored here. This table is only visible to the users with the admin role.
The following table contains a summary of all the custom columns added.
| Column Name | Descriptions |
|---|---|
| UID_ShoppingCartOrder | UID_ShoppingCartOrder present in the ShopCartOrder table in One Identity Manager is synchronized in this column |
| Request | This column provides the Request Number for the request raised through the One Identity Manager for ServiceNow catalog page |
Users
All employees from One Identity Manager are synchronized into this table in ServiceNow, if a user account exists for the employee in the sysusers table. Also, the user ID of the ServiceNow account should match the Central Account / the CustomProperty value. This table is only visible to the users with the admin role.
The following table contains a summary of all the custom columns added.
| Column Name | Descriptions |
|---|---|
| Firstname | First name of the employee in One Identity Manager |
| Lastname | Last name of the employee in One Identity Manager |
| Displayname | Display name of the employee in One Identity Manager |
| ServiceNow User ID | ServiceNow user ID |
| ServiceNow User Name | ServiceNow UserName |
| CustomProperty | The custom property in the One Identity Person table. Optionally this ID can also be used to match One Identity Manager employees to ServiceNow users |
| UID Person | GUID of the employee in One Identity Manager person table |
| UID_PersonHead | GUID of the manager present in the One Identity Manager person table |
| XObjectKey | XObject key present for all the employees in the One Identity Manager person table |

NOTE: These columns are used in various scripts, so the column and table names should not be modified; modifying them leads to exceptions. Deprecated tables were used in previous versions of the catalog application.
The One Identity Manager Service Catalog Application in ServiceNow requires cryptographic keys to secure data transmission and ensure application integrity. The cryptographic keys are used to securely encrypt the OneIM API server username and password entered by the user and store them temporarily in ServiceNow until the request is completed. Once the request is completed, the secure credential is destroyed from ServiceNow. Before using the application, clients must configure cryptographic keys for the cryptographic module named oneim_cryptography_module.
Prerequisites
- Access to the Key Management module in ServiceNow.
- Role required: sn_kmf.cryptographic_manager
To set up the cryptographic key
- Navigate to Key Management > Cryptographic Modules > All.
- Locate and select oneim_cryptography_module to open its details page.
- On the Crypto Specifications tab, find the row corresponding to the Key Alias entry.
  NOTE: If no key exists yet, the Key Alias field will be empty.
- Click Next to navigate to the Key Origin tab under Crypto Specifications.
- Enter a friendly name in the Key Alias field for easier identification.
- Create the Key
- Click Next to move to the Key Creation tab.
- Select Generate Key.
- Upon successful key generation, the Cryptographic Module form re-loads, displaying the updated Crypto Specification.
- Verify the Generated Key