ServiceNow

47160247.jpg

 


 

Overview

ServiceNow provides attractive benefits to organizations that are using the ServiceNow platform for IT Service Management. 

 


 

Supported Solutions

ServiceNow offers various out of the box and also custom solutions. Solutions are supported by Planview, as long as they extend the supported artifact tables (see supported artifacts section). 

Planview currently supports:

  • ServiceNow IT Service Management (including Service Desk)
  • ServiceNow IT Business Management
    • ServiceNow PPM
    • ServiceNow Agile Development Plug-In (formerly SDLC)
    • ServiceNow Agile Development 2.0 Plug-In  (introduced in ServiceNow London)
    • Scaled Agile Framework (SAFe) Plug-In (introduced in ServiceNow London)
  • ServiceNow Express

 


 

Connector Setup Details

Minimal User Permissions & Viz User

We recommend that you create a new user within your external tool, to be used only for Viz. This is the user information you will enter when setting up your tool connection within Planview Viz. By creating a new user, you will ensure that the correct permissions are granted. 

In general, your user account should have sufficient permissions to read artifacts in your tool. 

Your user should have a secure password or token. Please be aware that Viz will not allow you to save a tool connection utilizing a weak password/token, such as 'tasktop.'

See ServiceNow instructions on how to create a new Viz user in ServiceNow.

Viz requires access to a specific set of tables within the ServiceNow tool. Follow the instructions below to grant the Viz user access to the required tables:

  1. Create a new role in ServiceNow for Viz (e.g., tasktop_user).
  2. Save the changes:
    Ensure that the following permissions are granted to the newly created role:

Table Name

Operation

Description

sys_choice

sys_choice_list.*

READ

Allows Viz to retrieve field options (e.g., single select fields).

sys_dictionary

sys_dictionary.

READ

Allows Viz to understand the valid fields available for the different types.

sys_ui_element sys_ui_element.* sys_ui_section sys_ui_section.*

READ

Allows retrieving the forms and UI elements so Viz knows the visibility of fields to determine whether they should be required.

sys_properties

sys_properties.*

READ

Allow reading system properties such as the server’s time zone and the JSON row limit.

sys_user

sys_user_list (if available)

READ

Allows reading person information for valid synchronization of user fields.

sys_db_object

sys_db_object.

READ

Allows retrieving the available artifact types.

sys_glide_object

sys_glide_object.

READ

Allows Viz to get the types of each of the fields returned by the sys_dictionary table to ensure that we can submit data in the correct format.

    • For each table that is to be used in an instance, READ access is required on the table itself as well as any table directly related to it (e.g. reference fields, parent fields, etc). 

Finally, assign this role to the user which Viz will be configured to use.

In addition to the user having permission to access the tables, the tables must be configured to allow access via web services. To allow access via web services, open the relevant table definition and switch to the Application Access tab. Make sure the Allow access to this table via web services option is checked. This access will be needed for all of the tables listed in the ACL section above, as well as any tables for artifacts to be synchronized.

Note: The default admin role has access to all the necessary tables within the ServiceNow (Service Desk) tool.

Recommended System Properties

We recommend setting the ServiceNow system property, glide.invalid_query.returns_no_rows, to true. This ensures that invalid queries return no results. If it is set to false, ServiceNow will ignore the invalid part of the query, and return results based on the valid part of the query, potentially leading to unexpected results.

Connecting to the ServiceNow Repository

Standard Authentication

Required Fields:

Optional Fields:

  • Fast Reference Field Support: See details below
  • Full Reference Field Support: See details below
  • Enabled Non-Task Extended Tables

ServiceNow Tool Connection Screen

Standard Authentication (Via AWS Secrets Manager) 

Overview

This authentication method uses Standard Authentication to authenticate with ServiceNow, with the actual credentials being retrieved from the customer’s AWS Secrets Manager. The application connects to AWS Secrets Manager to retrieve the username and password, and then uses those to authenticate with the ServiceNow repository via Standard Authentication. 

Prerequisites

  • The on-premise agent should be deployed in the customer’s AWS account in the same region as the customer’s AWS Secrets Manager service that holds the Service Now credentials

  • The machine hosting the agent must possess IAM Role permissions to access the necessary AWS Secrets Manager secret 

  • Customer managed keys created in AWS Key Management Service (KMS), used for encrypting secrets, should be created in the same AWS account and region

Field Explanation

  1. Location/Connection URL
  2. AWS Region
    • The region can be determined from the AWS Secrets Manager console where the secret is created.
    • Examples of input: us-east-1, us-west-2, etc 
  3. AWS Secret Name

    • The AWS Secret Name is the title by which the secret is created on the AWS Secrets Manager console

    • The username and password must be created in that secret with keys “username” and “password” respectively

    • Below is a screenshot of an example from the AWS Console: 

      undefined

OpenID Connect Private Key Signed JWT Authentication

Required Fields

  • URL for OpenID Connect credentials

  • OpenID Connect client ID

    • The client ID registered with the authentication server.

    • The client must have the client credentials grant type enabled.

    • The client must have registered the public certificate given in the “RSA certificate and private key (.p12)” field

  • OpenID Connect scope

  • Public Certificate

    • A PEM encoded public certificate of the private key being used to sign JWTs included in the requests client_assertion parameter

  • RSA Private Key

    • A PEM encoded PKCS8 private key used to sign JWTs included in the requests client_assertion parameter.

  • Resource Parameter

    • The Open ID Connect resource parameter sent in the access token request.

    • Required for versions of Microsoft AD FS prior to 2019.

  • Key ID

    • The “kid” header of the JWT sent in the access token request

 


Other Configuration Settings

Reference Field Support as Single Select 

There are only a few out-of-the-box reference fields that the ServiceNow connector supports by default: user, configuration item, and assignment group. The connector will not expose or retrieve any other reference fields unless you specify them on the Tool Connection screen.

Note: User, configuration item, and assignment group are supported as Fast Reference Fields by default (see details below), and must be added as Full Reference Fields in order to support retrieving and mapping field values in Viz or writing to those fields in ServiceNow.

When setting up your tool connection, you will have two options for how extensively to support reference fields: 

  • Fast Reference Field Support: This option will work if you want to add fast, lightweight support for one or more reference fields. To enable this, add reference table column names, not labels (separated by commas). Using this configuration, the connector will only retrieve the available values on an as-needed basis and thus, the options will not be listed for simple value mapping. You will have to either pass in a correct value or use more advanced mapping configuration. A column name in this list overrides the same value in "Full Reference Field Support" list. Example value: "company, u_custom_reference"
  • Full Reference Field Support: Listing column names here will add full support, meaning that the connector will retrieve all available options for a reference field (even if there are thousands). Note that listing all options can take a lot of time and memory depending on the number of values (records) in the reference tables. This option is recommended if you want to list field values or map them one by one. 

To find a sample table name, right click on the field (reference field) that you are interested in:

Show Table Name

And then find the 'Element' line. 

Element Line

 


 

Supported Artifacts

Supported Work Items

Supported Work Item Type

Applicable Repository Versions

Unique URL?

Problem

Any supported repository version:

Yes

Incident

Any supported repository version:

Yes

Any type extending from the Task table

(including user-defined tables and any plugins - like Agile Development (SDLC) - that derive from the task table):

A partial list of non-user-defined types is

Note: full list is dependent on the specific ServiceNow configuration:

  • Agile Release Trains

  • Catalog Task

  • Change Phase

  • Change Request

  • Change Task

  • Epics

  • Features

  • Feature Task

  • Group approval

  • IMAC

  • Incident

  • Kb Submission

  • Problem

  • Problem Task

  • Program Increments

  • Release Phase

  • Request

  • Requested Item

  • Sprints

  • Stories

  • Ticket

Task itself cannot be used in queries but its properties are used in all tables that extend it. Note there are over 150 plugins that can also have artifacts that derive from task. The Agile Development (SDLC) and PPM plugins add to supported artifact types:

  • Defect

  • Documentation Task

  • Enhancement

  • Epic

  • Feature

  • Project

  • Project Task  - Project mgt

  • Release

  • Release Task

  • Scrum Release

  • Scrum Task

  • SDLC release

  • Sprint

  • Story

Any supported repository version:

Yes

Supported Containers

Containers that can be modeled as Flow Items

Applicable Repository Versions

Unique URL?

N/A

 

 

Containers used to define which artifacts are included in an Artifact Set

 

 

N/A (entire tool serves as container)

Any supported repository version:

N/A

 


 

Supported Field Types

Planview Viz supports configuring rule-based modeling (i.e., conditional modeling) using the field types shown below.

Note: If one field of a given type is supported, others that are also that type in theory should also work. However, sometimes there are instances in which this is not the case due to the repository. So, while we can claim support for fields at the type level, there is a chance that some specific fields of a given type will not function properly.

Standard Field Type

How is field type referenced in the repository?

Sample Repository Fields Supported

Particular Repository Fields NOT Supported

1checkicon.png String

String, Translated Text

Short Description

 

1checkicon.png Single Select

 

Choice; Reference, where the referenced table is Configuration Item, Assignment Group, User, or User Group. Customers can manually add 'Fast' or 'Full' support in repository settings. (see more in configuration settings)

Urgency

Severity

Priority

 

1Not_allowed.svg.png Multi Select

 

 

 

1checkicon.png Boolean

True/False

Known error

Active

 

 


 

Functional Limitations

Category

Limitation

Applicable Repository Versions

Third Party Functional Limitation

Projects

Because ServiceNow does not support the notion of ‘projects,' the following behaviors may be observed when using Viz:

  • Users must select an artifact type rather than a project when creating an artifact set.

Any supported repository version:

Configuration Requirement

Fast Reference Fields

Fast Reference fields must be mapped as a string field.

Any supported repository version: