ServiceNow

The ServiceNow connector lets you perform insert, delete, update, and read operations on ServiceNow database.

Before you begin

Before using the Servicenow connector, do the following tasks:

  • In your Google Cloud project:
    • Grant the roles/connectors.admin IAM role to the user configuring the connector.
    • Grant the following IAM roles to the service account that you want to use for the connector:
      • roles/secretmanager.viewer
      • roles/secretmanager.secretAccessor

      A service account is a special type of Google account intended to represent a non-human user that needs to authenticate and be authorized to access data in Google APIs. If you don't have a service account, you must create a service account. For more information, see Creating a service account.

    • Enable the following services:
      • secretmanager.googleapis.com (Secret Manager API)
      • connectors.googleapis.com (Connectors API)

      To understand how to enable services, see Enabling services.

    If these services or permissions have not been enabled for your project previously, you are prompted to enable them when configuring the connector.

Configure the connector

Configuring the connector requires you to create a connection to your data source (backend system). A connection is specific to a data source. It means that if you have many data sources, you must create a separate connection for each data source. To create a connection, do the following steps:

  1. In the Cloud console, go to the Integration Connectors > Connections page and then select or create a Google Cloud project.

    Go to the Connections page

  2. Click + CREATE NEW to open the Create Connection page.
  3. In the Location section, choose the location for the connection.
    1. Region: Select a location from the drop-down list.

      For the list of all the supported regions, see Locations.

    2. Click NEXT.
  4. In the Connection Details section, complete the following:
    1. Connector: Select Servicenow from the drop down list of available Connectors.
    2. Connector version: Select the Connector version from the drop down list of available versions.
    3. In the Connection Name field, enter a name for the Connection instance.

      Connection names must meet the following criteria:

      • Connection names can use letters, numbers, or hyphens.
      • Letters must be lower-case.
      • Connection names must begin with a letter and end with a letter or number.
      • Connection names cannot exceed 63 characters.
    4. Optionally, enter a Description for the connection instance.
    5. Service Account: Select a service account that has the required roles.
    6. To use the connection for event subscriptions, select Enable event subscription. Selecting this, displays the following options:
      • Enable event subscription with entity and actions: Select this option to use the connection for both event subscription and connector operations (entities and actions).
      • Enable only event subscription: Select this option to use the connection only for event subscription.

      For both these selections, you are prompted to configure the event details in the subsequent steps.

    7. Optionally, configure the Connection node settings (Preview):

      • Minimum number of nodes: Enter the minimum number of connection nodes.
      • Maximum number of nodes: Enter the maximum number of connection nodes.

      A node is a unit (or replica) of a connection that processes transactions. More nodes are required to process more transactions for a connection and conversely, fewer nodes are required to process fewer transactions. To understand how the nodes affect your connector pricing, see Pricing for connection nodes. If you don't enter any values, by default the minimum nodes are set to 2 (for better availability) and the maximum nodes are set to 50.

    8. Use proxy: Select this checkbox to configure a proxy server for the connection and configure the following values:
      • Proxy Auth Scheme: Select the authentication type to authenticate with the proxy server. The following authentication types are supported:
        • Basic: Basic HTTP authentication.
        • Digest: Digest HTTP authentication.
      • Proxy User: A user name to be used to authenticate with the proxy server.
      • Proxy Password: The user's password.
      • Proxy SSL Type: The SSL type to use when connecting to the proxy server. The following authentication types are supported:
        • Auto: Default setting. If the URL is an HTTPS URL, then the Tunnel option is used. If the URL is an HTTP URL, then the NEVER option is used.
        • Always: The connection is always SSL enabled.
        • Never: The connection is not SSL enabled.
        • Tunnel: The connection is through a tunneling proxy. The proxy server opens a connection to the remote host and traffic flows back and forth through the proxy.
      • In the Proxy Server section, enter details of the proxy server.
        1. Click + Add destination.
        2. Select a Destination Type.
          • Host address: Specify the hostname or IP address of the destination.

            If you want to establish private connection to your backend, do the following:

    9. Optionally, click + ADD LABEL to add a label to the Connection in the form of a key/value pair.
    10. Click NEXT.
  5. In the Destinations section, enter details of the remote host (backend system) you want to connect to.
    1. Destination Type: Select a Destination Type.
      • Host address: Specify the hostname or IP address of the destination.

        If you want to establish private connection to your backend, do the following:

      To enter additional destinations, click +ADD DESTINATION.

    2. Click NEXT.
  6. In the Authentication section, enter the authentication details.
    1. Select an Authentication type and enter the relevant details.

      The following authentication types are supported by the Servicenow connection:

      • Username and password

      2. To understand how to configure these authentication types, see Configure authentication.

    2. Click NEXT.
  7. If you have enabled event subscription, the Event Subscription Details section appears on the connection creation page. To understand how to configure event subscription details, see Configure event subscription.
  8. Review: Review your connection and authentication details.
  9. Click Create.

Configure authentication

Enter the details based on the authentication you want to use.

  • Username and password
    • Username: The ServiceNow username to use for the connection.
    • Password: Secret Manager secret containing the password associated with the ServiceNow username.

Configure event subscription [Preview]

If you have enabled the event subscription, enter the following values in the Event Subscription Details section:

  • Authentication Token: (Optional) Select the Secret Manager secret of your authentication token, and the corresponding secret version from the Secret Version drop-down.
  • HMAC Algorithm: (Optional) Select the HMAC algorithm for encrypting the response payload.
  • HMAC Secret Key: If you have selected a HMAC Algorithm, select the Secret Manager secret of the HMAC key, and the corresponding secret version from the Secret Version drop-down.

Post connection creation steps

To complete the event subscription configuration, you must register the webhook URL with your ServiceNow application. Therefore, after the connection creation is successful, perform the following additional steps:

  1. Go the connection details page of the newly created connection, and copy the webhook URL for event subscription.
  2. Log in to your ServiceNow application and do the following:
    1. In the All > Business Rules > When to run page, select the operation for which you want to listen.
    2. Click the Advanced tab. This opens a script editor.
    3. Enter a JavaScript that sends a request to the callback URL. The request contains the payload that is triggered whenever any of the enabled operation occurs. A sample JavaScript is as follows:

      Template

      (function executeRule(current, previous /*null when async*/ ) {
var request = new sn_ws.RESTMessageV2();
request.setEndpoint('WEBHOOK_URL'); // here you must the listener url where you want send the event payload

request.setHttpMethod('POST');

var authToken = "AUTHENTICATION_TOKEN"
request.setRequestHeader("authorization", authToken);
request.setRequestHeader("Accept", "application/json");
request.setRequestHeader('Content-Type', 'application/json');

request.setRequestBody("{\"eventType\":\"" +
"EVENT_TYPE" + CUSTOM_FIELDS "\"}");

var data = request.getRequestBody();
var secretKey = "SECRET_KEY";

var signature = SncAuthentication.encode(data, secretKey, "ENCRYPTION_ALGORITHM");
request.setRequestHeader("hmacauthorization",signature);
var response = request.execute();

})(current, previous);

      Replace the following:

      • WEBHOOK_URL: Webhook URL for event subscription that you would have got from the connection details page of Integration Connectors.
      • AUTHENTICATION_TOKEN: The actual text for authentication token that you have configured for the connection.
      • EVENT_TYPE: The actual text for event type that you have configured in the ServiceNow trigger.
      • CUSTOM_FIELDS: The request body must always have the eventType field. In addition to this field, you can add other fields based on your requirement.
      • SECRET_KEY: The actual text for secret key that you have configured for the connection.
      • ENCRYPTION_ALGORITHM: Should be any one of the following values:
        • HmacSHA224
        • HmacSHA256
        • HmacSHA384
        • HmacSHA512

        The algorithm should be same algorithm that you have configured for the connection.

      Example

      (function executeRule(current, previous /*null when async*/ ) {
var request = new sn_ws.RESTMessageV2();
request.setEndpoint('https://webhook.site/bb37937e-24ea-19b3-9dcd-84eca77f60eg'); // here you must the listener url where you want send the event payload

request.setHttpMethod('POST');

var authToken = "YWRtaW46ZkVpNypxVzhCL3VY"
request.setRequestHeader("authorization", authToken);
request.setRequestHeader("Accept", "application/json");
request.setRequestHeader('Content-Type', 'application/json');

request.setRequestBody("{\"caller_id\":\"" +
current.caller_id + "\",\"eventType\":\"" +
"service_now_event_type_1" + "\",\"company\":\"" +
current.company + "\",\"number\":\"" +
current.number + "\",\"description\":\"" +
current.description + "\",\"FirstName\":\"" +
current.u_firstname + "\",\"LastName\":\"" +
current.u_lastname + "\",\"status\":\"" +
current.u_status + "\",\"Element\":\"" +
current.getElement() + "\",\"category\":\"" +
current.category + "\",\"opened_at\":\"" +
current.opened_at + "\",\"opened_by\":\"" +
current.opened_by + "\",\"location\":\"" +
current.location + "\",\"salesforceId\":\"" +
current.u_salesforceid + "\"}"); //fields you want

var data = request.getRequestBody();
var secretKey = "YWRtaW46ZkVpNypxVzhCL3VY";

// var MAC_ALG_4 = "HmacSHA384";
var MAC_ALG_3 = "HmacSHA256";
// var MAC_ALG_5 = "HmacSHA512";
// var MAC_ALG_2 = "HmacSHA224";

var signature = SncAuthentication.encode(data, secretKey, MAC_ALG_3);
request.setRequestHeader("hmacauthorization",signature);
var response = request.execute();

})(current, previous);

Entities, operations, and actions

All the Integration Connectors provide a layer of abstraction for the objects of the connected application. You can access an application's objects only through this abstraction. The abstraction is exposed to you as entities, operations, and actions.

  • Entity: An entity can be thought of as an object, or a collection of properties, in the connected application or service. The definition of an entity differs from a connector to a connector. For example, in a database connector, tables are the entities, in a file server connector, folders are the entities, and in a messaging system connector, queues are the entities.

    However, it is possible that a connector doesn't support or have any entities, in which case the Entities list will be empty. For example, the Pub/Sub connector doesn't have any entity, but only has the publishMessage action.

  • Operation: An operation is the activity that you can perform on an entity. You can perform any of the following operations on an entity:
    • List
    • Get
    • Create
    • Update
    • Delete

    Selecting an entity from the available list, generates a list of operations available for the entity. For a detailed description of the operations, see the Connectors task's entity operations. However, it is possible that a connector doesn't support any entity operations, in which case the Operations list will be empty.

  • Action: An action is a first class function that is made available to the integration through the connector interface. An action lets you make changes to an entity or entities, and vary from connector to connector. However, it is possible that a connector doesn't support any action, in which case the Actions list will be empty.

System limitations

The ServiceNow connector can process a maximum of 10 transactions per second, per node, and throttles any transactions beyond this limit. By default, Integration Connectors allocates 2 nodes (for better availability) for a connection.

For information on the limits applicable to Integration Connectors, see Limits.

Use the Servicenow connection in an integration

After you create the connection, it becomes available in both Apigee Integration and Application Integration. You can use the connection in an integration through the Connectors task.

  • To understand how to create and use the Connectors task in Apigee Integration, see Connectors task.
  • To understand how to create and use the Connectors task in Application Integration, see Connectors task.

Get help from the Google Cloud community

You can post your questions and discuss this connector in the Google Cloud community at Cloud Forums.

What's next