How to Configure ServiceNow UD


OVERVIEW

About ServiceNow UD Provisioning

This guide provides information on how to configure provisioning for ServiceNow in your Okta orgThe Okta container that represents a real-world organization..


REQUIREMENTS

Before configuring provisioning in Okta, you need to do the following:


FEATURES

The following Provisioning features are supported:

  • Push new users

    New users created through OKTA will also be created in the third party application.

  • Push user deactivation

    Deactivating the user or disabling the user's access to the application through OKTA will deactivate the user in the third party application.

  • Push profile updates

    Updates made to the user's profile through OKTA will be pushed to the third party application.

  • Import new users

    New users created in the third party application will be downloaded and turned in to new AppUser objects, for matching against existing OKTA users.

  • Import profile updates

    Updates made to a user's profile in the third party application will be downloaded and applies to the profile fields stored locally in OKTA. If the app is the system of record for the user, changes made to core profile fields (email, first name, last name, etc) will be applied to the Okta user profile. If the app is NOT the system of record for the user, only changes made to app-specific fields will be applied to the local user profile.

  • Group Push

    GroupsGroups allow you to organize your end users and the apps they can access. Assigning apps to large sets of end users is made easier with groups. and their members can be pushed to remote systems. You can find more information about using group push operations (including Group Push enhancements) here: Using Group Push.

    Group Push enhancements for this application are currently generally available in all Preview orgs. For Production orgs, contact Okta Support and ask them to enable the following feature flag:

    • RUM_GROUP_PUSH_ENHANCEMENTS
  • Reactivate Users

    Reactivating the user through Okta will reactivate the user in the 3rd party application.

  • Sync Password

    Pushes user password from Okta to the 3rd party application.


PROCEDURES


PROFILE MAPPINGS


LIMITATIONS

  1. If the ServiceNow app contains two users with different User IDs and the same email (for example email=test_email@test.com), and we try create user with the same email and username (for example Okta UserName=Okta email = test_email@test.com) from Okta side, we will see the following error:

    servicenow_new_16.png

    servicenow_new_17.png

  2. In ServiceNow UD.1.0.4 version, the Time Zone user property was moved to user group level: once the ServiceNow UD app is assigned to a user group, the admin can select the Time Zone value for all users in this group. Also the value now is populated from dropdown list instead of regular text field as before.

    The change above will be applied for all applications created with new connector version. For existing connectors there are two options:

    • Ask support to migrate UD schema for this app to updated version. Note that all imported custom user attributes will be dropped and you should re-add them and re-import users to fetch attributes data from ServiceNow.

    • Continue using connector without update.

    To determine if you have the Time Zone attribute on group level, try to assign the ServiceNow application to a user group:

    No Time Zone (old version):

    servicenow_new_18.png

    With Time Zone (new version):

    servicenow_new_19.png


ADDITIONAL FEATURES

  • Okta Identity Cloud for ServiceNow
  • If you are configuring the Okta Identity Cloud application for ServiceNow Express or Enterprise, open OktaIdentityCloudDeploymentGuide.pdf.
    Note that the Okta Identity Cloud available in the ServiceNow store completely replaces the "SSO Provided by Okta" plugin inside of ServiceNow. That plugin is now deprecated, and the Okta Identity Cloud app provides all SSO and User Lifecycle functionality for ServiceNow via standard Okta integrations and the Multi-Provider SSO Plugin in ServiceNow.

  • Okta Orchestration Activity Pack
  • If you are configuring the Okta Orchestration Activity Pack, open OktaOrchestrationActivityPackSetup.pdf


LEARN MORE

Click here to view Okta's Extend and Customize Lifecycle Workflows.

Top