ServiceNow (Eureka)

This ServiceNow app is deprecated and Okta recommends moving to ServiceNow UD. For more information, see ServiceNow and ServiceNow UD SSO migration guide.

Requirements

  • These instructions assume that you have already added a ServiceNow app instance in Okta, and have configured SSO. See How to Configure SAML 2.0 for ServiceNow for more information. For general information about adding applications, see Add existing app integrations.
  • Okta requirements: Ensure you have configured your complete Login URL name under the General Settings tab:

    Configure your Sign-On Options on the next tab, then click Next to go back to the Provisioning tab.

Features

  • Push Groups

    Groups and their members can be pushed to remote systems.

  • Import New Users

    New users created in the third-party application will be downloaded and turned in to new AppUser objects, for matching against existing Okta users.

  • Import Profile Updates

  • Push New Users

    New users created through Okta will also be created in the third-party application.

  • Push Password Updates

    Updates made to the user's password through Okta will be pushed to the third party application.

  • Push Profile Updates

    Updates made to the user's profile through Okta will be pushed to the third-party application.

  • Push User Deactivation

    Deactivating the user or disabling the user's access to the application through Okta will deactivate the user in the third-party application.

  • Reactivate Users

    Reactivating the user through Okta will reactivate the user in the third-party application.

Procedure

Configure your Provisioning settings for ServiceNow as follows:

  1. Check the Enable API Integration box.

  2. Enter your ServiceNow credentials:

    • Admin User Name: Enter a ServiceNow username with administrator permissions for your organization.

    • Admin Password: Enter a password for your administrator account (above).

    • The rest of the attributes are populated with default values. If you need to edit any of these values, you will need to enter the corresponding column names in the ServiceNow SYS_USER table. See Troubleshooting Tips.

    servicenoweurekaprovisioning1

Active Directory mapping

There is predefined AD mapping for certain fields that is not modifiable and used only in case AD is configured as the source.

  • AD.managerDn > ServiceNow.manager

  • AD.deliveryOffice > ServiceNow.location

  • AD.department > ServiceNow.department

  • AD.telephoneNumber > ServiceNow.businessPhone

  • AD.departmentNumber > ServiceNow.costCenter

  • AD.title > ServiceNow.title

Also note that fields with a predefined list of values (such as Location, Department, etc.) should be synchronized between AD and ServiceNow.

For example:

AD Department ServiceNow Department Comment
Development Development OK
HR HR OK
Finance Finance should be added to Department list in ServiceNow.

In case the Finance department is not listed in ServiceNow and it was set in AD for a certain user, the Department field value for this user will have an old value (that is, not Finance) in ServiceNow.

Troubleshooting

Locate the SYS_USER table list

  1. Sign in to your ServiceNow Admin Account.

  2. Select Ctl + Option(Alt) + N to open the Toggle Navigation Bar.

  3. Search for Tables.

    • Under System Definition, select Tables.

  4. Search for SYS_USER.

servicenow3

Disable mapping for specific fields

You can turn off synchronization for the specific field by leaving the corresponding Service Now column name value empty.