Documentation

ServiceNow

Suggest Edits

🛑

DRAFT CONTENT: INTERNAL ONLY. DO NOT SHARE.

This page is for review only and content is not verified. Do not share externally; this is proprietary information.

Prerequisites

Configuration

  1. Log in to your ServiceNow instance with administrator privileges.
  2. You can configure the connector using one of the following methods. Both methods require you to create an OAuth API endpoint.

Option 1: Use update set

  1. In Insights, select Update Set for installation method.
  2. Download the update set.
  3. Follow ServiceNow documentation, Save an update set as a local XML file, to apply the update set in your ServiceNow instance.

Option 2: Manual configuration

  1. Navigate to System Security > Users and Groups > Roles.
  2. Create a new role named bt_read_only.
  3. Select the created bt_read_only role.
  4. In the Contains Roles tab, select Edit.
  5. Assign the following roles:
    • snc_read_only
    • sn_aia.viewer
    • fd_read
  6. Navigate to System Security > Access Control (ACL).
  7. Create additional rules granting read-only access for bt_read_only role to the following tables:
    • sys_user
    • sys_user_has_role
    • sys_user_group
    • sys_user_grmember
    • sys_group_has_role
    • sys_user_role
    • sys_audit
    • sys_audit_delete
    • syslog_transaction
    • sn_aia_team_member

Create an OAuth API endpoint

When creating an OAuth API endpoint, there are two workflows available:

  • Creating a new inbound integration (Option 1)
    -or-
  • Creating an API endpoint for external clients (Option 2)

To create the OAuth API endpoint:

  1. Navigate to System Security > Users and Groups > Users.
  2. Create the service account and fill in the following details:
    • User ID: BT-SP-Connector
    • First Name: BT-SP-Connector
  3. Assign the bt_read_only role to the user.
  4. Navigate to System OAuth > Application Registry.

Option 1: New inbound integration experience

  1. Select New > New Inbound Integration Experience > New integration > OAuth - Client Credentials grant.
  2. Fill in the following details:
    • Name: BT-SP-Connector
    • OAuth application user: BT-SP-Connector
  3. Copy the Client ID and Client Secret.
  4. Select Save.
  5. In Insights, enter the Domain, Client ID, and Client Secret in the appropriate fields.

Option 2: OAuth API endpoint for external client

  1. Select New > Create an OAuth API endpoint for external clients.
  2. Fill in the following details:
    • Name: BT-SP-Connector
    • Client Type: Integration as a Service
    • Default Grant type: Client Credentials
    • OAuth Application User: bt-sp-connector
    • Auth Scope: useraccount
  3. Select Submit.
  4. Select the created BT-SP-Connector application.
  5. Copy the Client ID and Client Secret.
  6. In Insights, enter the Domain, Client ID, and Client Secret.

Updated 2 days ago

©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.