Chat now with support
Chat with Support

Identity Manager 9.2.1 - Administration Guide for Connecting to ServiceNow

ServiceNow Module Overview Installation Managing ServiceNow Incidents from One Identity Manager One Identity Manager for Service Catalog Logging Troubleshooting

One Identity Manager login behaviour in ServiceNow portal

One Identity Manager login behaviour in ServiceNow portal

The login behavior of One Identity Manager Web Portal for Employee (Role based) authentication module is described below:

  • When you click the One Identity Manager link in ServiceNow Web Portal for the first time, an authorization page to the One Identity Manager Web Portal is displayed. You are prompted to enter the user credentials of One Identity Manager to log in to the system.
  • After logging in, the One Identity Manager Web Portal displays the available categories.
  • You can log in with a different ServiceNow user to another instance of ServiceNow portal, in the same browser using a different tab. In this case, when you click the One Identity Manager link in ServiceNow Web Portal, the One Identity Manager Web Portal is displayed by default without requiring you to enter the login credentials. One Identity Manager uses the credentials of the last logged in user.
  • When the browser is closed and a new instance of the browser is opened, clicking the One Identity manager link in the ServiceNow Web Portal displays the authorization page to the One Identity Manager Web Portal prompting you to enter the user credentials.

The login behavior of One Identity Manager Web Portal for OAuth 2.0 / OpenID Connect (role based) authentication module is described below:

  • When you click the One Identity Manager link in ServiceNow Web Portal for the first time, an authorization page to the One Identity Manager Web Portal is displayed prompting you to enter the user credentials of One Identity Manager.
  • After logging in, the One Identity Manager Web Portal displays the available categories.
  • You can log in with a different ServiceNow user to another instance of ServiceNow portal, in the same browser using a different tab. In this case, when you click the One Identity Manager link in ServiceNow Web Portal, the One Identity Manager Web Portal is displayed by default without requiring you to enter the login credentials. One Identity Manager uses the credentials of the last logged in user.
  • When the browser is closed and a new instance of the browser is opened, clicking the One Identity manager link in the ServiceNow Web Portal displays the One Identity Manager Web Portal without requiring you to enter the login credentials. One Identity Manager uses the credentials of the last logged in user.

Logging out from ServiceNow

When a user logs out of the ServiceNow portal, the process to log off from the One Identity Manager web session starts. ServiceNow allows customization of the log off from the portal, which can be used to browse the One Identity Manager deep link which clears the authentication session.

One Identity Manager 8.X does not have a log out URL available for clearing the SSO session, which must be implemented in One Identity Manager OAuthenticator module to solve this use-case. Feature ID aimed at solving the impediment is 771671. A workaround for the log out issue is to log off the One Identity Manager session, before logging out of the ServiceNow portal.

Use Case Scenarios

This section provides descriptions about the following use case scenarios:

Use Case Scenario with ServiceNow as Master

In this use case scenario, a ticket is created on ServiceNow for any item that is requested on the One Identity Manager web portal with ServiceNow as the master.

This scenario uses the following steps:

Step 1: Enable Service category: To enable the functionality of creating a ServiceNow ticket for a service item, you must first enable the service category for ServiceNow.

Step 2: Create service request ticket: The process chain SCN_Create ServiceNow ticket creates a ticket on ServiceNow, based on the parameters configured in the process task. After a ticket is created, it must be resolved on ServiceNow, as ServiceNow is the master.

Step 3: Check ticket status: The SCN_Check_status_of_the_ServiceNow_ticket process is run on a scheduled basis to check for the PersonWantsOrg entries that are still open and associated with a ticket in ServiceNow.

The process returns SNOWResponse variable, which contains the status of the ticket from ServiceNow. This response is used to change the associated PersonWantsOrg entry in One Identity Manager.

NOTE: The schedule for checking the status of the ticket can be set, by changing the schedule in the Designer | Base Data | General | Schedules. Select the schedule ServiceNow Ticket status check schedule.

In an error scenario where the ticket is not created for a PWO request entry, the request goes into the denied state automatically and the user can request for the same product again.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating