Set up a ServiceNow Developer Sandbox

Login or signup for a ServiceNow developer account: https://developer.servicenow.com/dev.do.

Once logged in:

1. Make sure your user role is set to Admin, which is required to access instance configurations. If not, you can select Change User Role to change it to Admin.

2. Click Start Building to access your instance and begin configuring your application.

Open

Note the Instance ID in the URL of your ServiceNow instance:

For example - https://dev252204.service-now.com/

1. Go to Admin > Application Manager

Open

2. Search for the following plugins to verify they are installed and enabled:

   1. OAuth 2.0

   2. REST API Auth Scope

ServiceNow uses OAuth2.0 JWT API endpoint to authenticate external requests. Therefore we need to upload a public key to ServiceNow so it can verify the integrity of JWT tokens signed by clients (ie. Iguana X), ensuring secure authentication of external requests.

1. Use OpenSSL command line to generate a key pair. You can use the following sample terminal commands:

2. Upload the public key to the X.509 Certificates table. You’ll use the private key in Iguana later.

   1. Use the explorer in the All tab to navigate to System Definition > Certifications.

   2. Click New, fill out the required information and paste your public key.

Navigate to System Web Services > API Auth Scopes > REST API Auth Scope

1. Create a new auth scope with the appropriate permissions as shown in the screenshot:

   1. REST API: Table API

   2. Auth Scope: create new scope (ex. ticket_create)

1. Navigate to System OAuth > Application Registry, click New.

2. Choose Create an OAuth JWT API endpoint for external clients and fill out the required details:

   1. Name: the name of the application endpoint (ex. IguanaX)

   2. OAuth Application User: a non-admin user account used to authenticate the connection. A new user can be created if necessary. (If this field is missing you can add it by right clicking the top grey bar > Configure > Form Design)

   3. Auth Scope: the scope of access that external clients connecting to this endpoint will have. Click Insert a new row, add ticket_create, the scope we previously created.

3. Click Submit and then click on the newly created application. At the bottom of the page, click New to create a Jwt Verifier Map. For sys certificate, select the public key file you previously uploaded.