ServiceNow Provisioning - Eureka and Later Releases

Note: This ServiceNow app is deprecated and Okta recommends that you move to ServiceNow UD.



Before configuring provisioning in Okta, you need to do the following:


The following provisioning features are supported:

  • Push Groups

    Groups and their members can be pushed to remote systems. For more about using group push operations see Using Group Push.

  • Import New Users

    New users created in the third party application will be downloaded and turned in to new AppUser objects, for matching against existing OKTA users.

  • Import Profile Updates

  • Push New Users

    New users created through OKTA will also be created in the third party application.

  • Push Password Updates

    Updates made to the user's password through OKTA will be pushed to the third party application.

  • Push Profile Updates

    Updates made to the user's profile through OKTA will be pushed to the third party application.

  • Push User Deactivation

    Deactivating the user or disabling the user's access to the application through OKTA will deactivate the user in the third party application.

  • Reactivate Users

    Reactivating the user through Okta will reactivate the user in the 3rd party application.


Configure your Provisioning settings for ServiceNow as follows:

  1. Check the Enable API Integration box.

  2. Enter your ServiceNow credentials:

    • Admin User Name: Enter a ServiceNow username with administrator permissions for your organization.

    • Admin Password: Enter a password for your administrator account (above).

    • The rest of the attributes are populated with default values. If you need to edit any of these values, you will need to enter the corresponding column names in the ServiceNow SYS_USER table. See Troubleshooting Tips, below.



There is predefined AD mapping for certain fields that is not modifiable and used only in case AD is configured as the source.

  • AD.managerDn > ServiceNow.manager

  • AD.deliveryOffice > ServiceNow.location

  • AD.department > ServiceNow.department

  • AD.telephoneNumber > ServiceNow.businessPhone

  • AD.departmentNumber > ServiceNow.costCenter

  • AD.title > ServiceNow.title

Also note that fields with predefined list of values (such as Location, Department, etc.) should be synchronized between AD and ServiceNow.

For example:

AD Department ServiceNow Department Comment
Development Development OK
Finance Finance should be added into Department list in ServiceNow.

In case Finance department is not listed in ServiceNow and it was set in AD for a certain user, the Department field value for this user will have old value (that is, not Finance) in ServiceNow.


Where do I find my SYS_USER table list?

  1. Log into your ServiceNow Admin Account.

  2. Select Ctl + Option(Alt) + N to open the Toggle Navigation Bar.

  3. Search for : Tables.

    • Under System Definition, select Tables.

  4. Search for SYS_USER.


How do I disable mapping for specific fields?

You can turn off synchronization for the specific field by leaving corresponding Service Now column name value as empty.