立即与支持人员聊天
与支持团队交流

Identity Manager 9.1.1 - Administration Guide for Connecting to ServiceNow

ServiceNow Module Overview Installation Managing ServiceNow Incidents from One Identity Manager One Identity Manager for Service Catalog Logging Troubleshooting

ServiceNow Approval

A request raised on ServiceNow is routed to the manager for approval or follows self-service approval depending on how the configuration parameters are configured. If manager approval is configured, each requested item will be available for separate approval/rejection, provided that SOD check is not enabled. If SOD check is enabled, all requested items need to be approved/rejected in a single operation.

Manager Approval

If manager approval is enabled, the request is routed to user’s ServiceNow/One Identity Manager’s manager for approval depending on the configuration parameter. Configure the following configuration parameters described below

Config name Value
perform_manager_approval true
manager_approval_authoritative_source SNOW / ONEIM
fallback_approver “Fallback approver name”

If manager_approval_authoritative_source has been configured to SNOW, the request will be routed to user’s ServiceNow manager and if one does not exist, it is routed to the configured fallback approver.

If manager_approval_authoritative_source has been configured to ONE IDENTITY MANAGER, the request will be routed to user’s One Identity Manager’s manager and if one does not exist, it is routed to the configured fallback approver.

NOTE: If the authoritative source is ServiceNow then system admin should make sure that the appropriate manager has approver role.

Self-Service approval in ServiceNow

To enable self-service approval in ServiceNow, configure the following configuration parameters with the value specified

Config name Value
perform_manager_approval false

Now the user requests will be automatically approved.

SOD cases

SOD rules configured in One Identity Manager can be checked and validated against at ServiceNow end by enabling the configuration parameter perform_sod_check (set the configuration parameter to true). SOD use cases are summarized below:

  • No SOD conflict for any of the requested item: The request is routed to the configured manager/fallback approver/self-service approval is performed.

  • SOD Conflict for some of the requested items and exception approver has been configured in the One Identity Manager SOD Rule: The request is routed to the compliance officer configured in ServiceNow (Configuration parameter: compliance_officer). If the compliance officer approves the request, the request is then routed to the configured manager/fallback approver/self-service approval is performed. If compliance officer rejects, the request is rejected

  • SOD Conflict for some of the requested items and exception approver has not been configured in the One Identity Manager SOD Rule: The request is automatically canceled.

One Identity Manager Approval

Once the IT Shop Item is approved in the One Identity ServiceNow application, the request is then processed by the defined approval process in One Identity manager. Optionally ITShop approval policy could be configured in such a way that self-service approval takes place when the request has been raised and approved in ServiceNow while request raised from One Identity Manager goes over the regular approval process. This way approvals do not need to take place multiple times for request raised from ServiceNow.

For more information on IT Shop Request approval process please refer to the Identity Manager 8.1 - IT Shop Administration Guide.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级