{"templateId":"markdown","sharedDataIds":{"sidebar":"sidebar-guides/sidebars.yaml"},"props":{"metadata":{"markdoc":{"tagList":["tabs","tab"]},"type":"markdown"},"seo":{"title":"ServiceNow Vulnerability Configuration Guide","siteUrl":"https://docs.synqly.com","lang":"en-US","llmstxt":{"hide":false,"sections":[{"title":"Table of contents","includeFiles":["**/*"],"excludeFiles":[]}],"excludeFiles":[]}},"dynamicMarkdocComponents":[],"compilationErrors":[],"ast":{"$$mdtype":"Tag","name":"article","attributes":{},"children":[{"$$mdtype":"Tag","name":"Heading","attributes":{"level":1,"id":"servicenow-vulnerability-configuration-guide","__idx":0},"children":["ServiceNow Vulnerability Configuration Guide"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["This guide walks you through configuring ServiceNow Vulnerability Response for use with Synqly's Vulnerabilities Connector."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["ServiceNow supports token (API key) authentication or basic authentication with a username and password. Select the appropriate tab in Step 1:"]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["API key (recommended):"]}," Token authentication with an inbound REST API key. Requires the Washington DC ServiceNow release or later."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Username and password:"]}," Use a dedicated service account when your instance does not support API keys."]}]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["After authentication is set up, configure the integration using the values from your chosen path."]},{"$$mdtype":"Tag","name":"hr","attributes":{},"children":[]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"prerequisites","__idx":1},"children":["Prerequisites"]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"log-in-and-create-a-service-account","__idx":2},"children":["Log in and create a service account"]},{"$$mdtype":"Tag","name":"ol","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Log in to ServiceNow"]}," as an admin."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Create a service account (recommended)."]}," A dedicated account avoids broken integrations if an employee account is deactivated. Go to ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["All > Organization > Users"]},", select ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["New"]},", set ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["User ID"]}," (required), select ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Internal Integration User"]},", and complete any other required fields. Open the new user, go to the ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Roles"]}," tab, select ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Edit..."]},", and add the ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["admin"]}," collection."," ","The ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["admin"]}," role is currently required for the Vulnerabilities connector to function. We plan to document a least-privilege role set in a later revision of this guide."]}]},{"$$mdtype":"Tag","name":"hr","attributes":{},"children":[]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Configuration"]},{"$$mdtype":"Tag","name":"Tabs","attributes":{"size":"medium"},"children":[{"$$mdtype":"Tag","name":"div","attributes":{"label":"API Key (Recommended)","disable":false},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":["The preferred method is token authentication. For more details, see ",{"$$mdtype":"Tag","name":"a","attributes":{"href":"https://www.servicenow.com/community/developer-advocate-blog/inbound-rest-api-keys/ba-p/2854924"},"children":["this guide from ServiceNow"]},"."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["API keys require the Washington DC ServiceNow release or later. Earlier instances need username and password; use the ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Username and Password"]}," tab."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"1-verify-the-api-key-plugin","__idx":3},"children":["1. Verify the API Key plugin"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["In ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["All > Admin Center > Application Manager"]},", search for ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["HMAC Authentication"]}," and confirm ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["API Key and HMAC Authentication"]}," (",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["com.glide.tokenbased_auth"]},") is activated. Activate it if it is not."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"2-elevate-role","__idx":4},"children":["2. Elevate role"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Open the user menu (face icon), choose ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Elevate Role"]},", and select ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["security_admin"]}," so you can configure API access."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"3-create-the-inbound-authentication-profile","__idx":5},"children":["3. Create the Inbound Authentication Profile"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Go to ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["All > System Web Services > API Access Policies > Inbound Authentication Profile"]},". Click ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["New"]},", then ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Create API Key authentication profiles"]},"."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Give the profile a ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["name"]}," that reflects an integration API key. In ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Auth Parameter"]},", add ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Auth Header"]}," with the ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["x-sn-apikey"]}," header. Click ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Submit"]},"."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"4-create-an-api-key","__idx":6},"children":["4. Create an API Key"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Go to ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["All > System Web Services > API Access Policies > REST API Key"]},". Click ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["New"]},", set a ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["name"]}," for the key, and set ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["User"]}," to the service account you created above (that user must have the ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["admin"]}," role). Click ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Save"]},"."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Use the lock icon to view and copy the token. Store it securely."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"5-set-the-api-access-policy","__idx":7},"children":["5. Set the API Access Policy"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Go to ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["All > System Web Services > API Access Policies > REST API Access Policies"]}," and click ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["New"]}," (this may take a moment)."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Enter a descriptive name, set ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["REST API"]}," to ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Table API"]},", and ensure ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Apply to all methods"]}," is selected."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"configure-the-integration-api-key","__idx":8},"children":["Configure the integration (API key)"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["URL"]},{"$$mdtype":"Tag","name":"br","attributes":{},"children":[]},"The root URL of your ServiceNow instance, for example ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["https://<tenant>.service-now.com/"]},"."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Token"]},{"$$mdtype":"Tag","name":"br","attributes":{},"children":[]},"The API key value from step 4."]}]},{"$$mdtype":"Tag","name":"div","attributes":{"label":"Username and Password","disable":false},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":["For instances that do not support API keys, use basic authentication with the service account you created above."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"1-set-a-password","__idx":9},"children":["1. Set a password"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["In ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["All > Organization > Users"]},", open the service account and set a password. Save the ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["User ID"]}," and password securely; you will use them in Synqly."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"configure-the-integration-basic-auth","__idx":10},"children":["Configure the integration (basic auth)"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["URL"]},{"$$mdtype":"Tag","name":"br","attributes":{},"children":[]},"The root URL of your ServiceNow instance, for example ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["https://<tenant>.service-now.com/"]},"."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Username"]},{"$$mdtype":"Tag","name":"br","attributes":{},"children":[]},"The ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["User ID"]}," of the service account."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Password"]},{"$$mdtype":"Tag","name":"br","attributes":{},"children":[]},"The password for that user."]}]}]}]},"headings":[{"value":"ServiceNow Vulnerability Configuration Guide","id":"servicenow-vulnerability-configuration-guide","depth":1},{"value":"Prerequisites","id":"prerequisites","depth":2},{"value":"Log in and create a service account","id":"log-in-and-create-a-service-account","depth":3},{"value":"1. Verify the API Key plugin","id":"1-verify-the-api-key-plugin","depth":3},{"value":"2. Elevate role","id":"2-elevate-role","depth":3},{"value":"3. Create the Inbound Authentication Profile","id":"3-create-the-inbound-authentication-profile","depth":3},{"value":"4. Create an API Key","id":"4-create-an-api-key","depth":3},{"value":"5. Set the API Access Policy","id":"5-set-the-api-access-policy","depth":3},{"value":"Configure the integration (API key)","id":"configure-the-integration-api-key","depth":3},{"value":"1. Set a password","id":"1-set-a-password","depth":3},{"value":"Configure the integration (basic auth)","id":"configure-the-integration-basic-auth","depth":3}],"frontmatter":{"slug":"guides/provider-configuration/servicenow-vulnerability-setup","seo":{"title":"ServiceNow Vulnerability Configuration Guide"}},"lastModified":"2026-04-29T15:42:44.000Z","pagePropGetterError":{"message":"","name":""}},"slug":"/guides/provider-configuration/servicenow-vulnerability-setup","userData":{"isAuthenticated":false,"teams":["anonymous"]},"isPublic":true}