Set up a ServiceNow Developer Sandbox
- Aryn Wiebe
ServiceNow offers a developer sandbox to interact and develop against their APIs. If you want to try out the ServiceNow Notifer in Iguana X, you’ll first need to login or signup for a ServiceNow developer account and create an App:
Login or signup for a ServiceNow developer account: https://developer.servicenow.com/dev.do.
Once logged in:
Make sure your user role is set to Admin, which is required to access instance configurations. If not, you can select Change User Role to change it to Admin.
Click Start Building to access your instance and begin configuring your application.
Note the Instance ID in the URL of your ServiceNow instance:
For example - https://dev252204.service-now.com/
Go to Admin > Application Manager
Search for the following plugins to verify they are installed and enabled:
OAuth 2.0
REST API Auth Scope
ServiceNow uses OAuth2.0 JWT API endpoint to authenticate external requests. Therefore we need to upload a public key to ServiceNow so it can verify the integrity of JWT tokens signed by clients (ie. Iguana X), ensuring secure authentication of external requests.
Use OpenSSL command line to generate a key pair. You can use the following sample terminal commands:
openssl genrsa -out private.pem 1024
openssl req -new -x509 -key private.pem -out public.cer -days 365
Upload the public key to the X.509 Certificates table. You’ll use the private key in Iguana later.
Use the explorer in the All tab to navigate to System Definition > Certifications.
Click New, fill out the required information and paste your public key.
Navigate to System Web Services > API Auth Scopes > REST API Auth Scope
Create a new auth scope with the appropriate permissions as shown in the screenshot:
REST API: Table API
Auth Scope: create new scope (ex. ticket_create)
Navigate to System OAuth > Application Registry, click New.
Choose Create an OAuth JWT API endpoint for external clients and fill out the required details:
Name: the name of the application endpoint (ex. IguanaX)
OAuth Application User: a non-admin user account used to authenticate the connection. A new user can be created if necessary. (If this field is missing you can add it by right clicking the top grey bar > Configure > Form Design)
Auth Scope: the scope of access that external clients connecting to this endpoint will have. Click Insert a new row, add ticket_create, the scope we previously created.
Click Submit and then click on the newly created application. At the bottom of the page, click New to create a Jwt Verifier Map. For sys certificate, select the public key file you previously uploaded.
Â