Integration of ServiceNow and One Identity Manager enables organizational IT operations and identity management teams, to coordinate fulfillment of changes to user access. This service request integration also provides governance over service request tickets, by ensuring that clear audit trails and controls are in place to meet stringent security and compliance requirements. One Identity Manager does this by creating service request tickets within ServiceNow, when a request for access is submitted from One Identity Manager and the fulfillment of the request requires manual completion by an IT service agent. For example, when an end-user requests application access (SAP, etc) in One Identity Manager and that request requires manual fulfillment (no automated provisioning is available / preferred), the integration creates a ticket in ServiceNow. One Identity Manager then tracks the request by polling ServiceNow for the ticket's status periodically. As the IT service agent updates the status of the ticket the changes are reflected in One Identity Manager. Once a ticket is closed or complete, One Identity Manager records this and closes the request. This is all tracked within One Identity Manager so that it can be reported on and provided as part of an audit.
One Identity Manager Service Catalog Integration is an integration between ServiceNow and One Identity Manager where ServiceNow is master. This allows users of both systems to easily navigate from ServiceNow into One Identity Manager and gives users a "one stop shop" to request all IT related items in ServiceNow.
The integration between One Identity Manager and ServiceNow gives mutual customers a complementary identity access governance and service management solution that works together to ensure strong controls are in place to meet ever stringent security and compliance requirements around user access to sensitive applications. The integration also allows users to perform other activities (such as password changes, approve access, manage account) that are configured within the system.
Another form of integration provides the control to One Identity Manager being the master. Tickets are created for service items that have their service categories enabled for ServiceNow. These requests are subjected to the regular approval policies of the Identity Manager and the changes done on the requests are updated to ServiceNow allowing users to check the status of the requests or their tickets on ServiceNow.
Figure 1: One Identity Manager and ServiceNow Integration
ServiceNow is a customizable ITSM solution. Hence, it is ensured that actions like creating tickets, tracking tickets are configured at the One Identity Manager interface. The three process chains which are responsible for ticket creation and tracking are mentioned below:
For information on installation of ServiceNow module, please refer Installing One Identity Manager Components section of the One Identity Manager Installation Guide.
The details related to configuration of the ServiceNow module are listed below. Before proceeding with the ServiceNow configuration, ensure that a job server is assigned to the SCN-Connector-Ext role.