Policy Change Request - ServiceNow Integration

Note that this feature does not currently support SSO for Service Now clients. If using SSO, a full Service Now user account must be made available for users to be able to submit the Policy Change Request to Service Now.

ServiceNow Integration

ServiceNow and Application Control integration enables optimized and fully audited request handling. This functionality has been available from the 2022.1 release and later.

Prior to working in Application Control, a new ServiceNow instance needs to be created.

The configuration tasks - and the functionality available to end users as a result - are summarized in the following table:

Application Control - Administrator Tasks ServiceNow - Administrator Tasks Application Control - Endpoint User Functionality

Configure access to the ServiceNow server and the options available to end users when they raise a change request.

Refer to:

 

Manually configure the request offering and request form in ServiceNow. Ensure the workflow performs as expected.

Refer to:

 

Create and submit Policy Change Requests, monitor the status of requests as required.

Refer to:

 

Request Status

The status of all service requests is changed according to its processing within the ServiceNow workflow. The number of different stages used in the process - and name used to describe each status - is configured within the ServiceNow system.

Typically, when a service request is first raised, it is in the Submitted state, and only when it has been reviewed and analyzed against a set of criteria will it be Approved or Denied.

Only service requests in the Approved state are fulfilled by Application Control.

Policy Change Request Options - ServiceNow Integration

Policy Change Request options allow you to enable or disable end user access to the Policy Change request feature, and determine the request template available to them. The options determine how requests are communicated to the Ivanti Neurons for ITSM system and also what selection choices end users have when creating change requests.

Authentication accounts must be configured in ServiceNow before the Application Control integration.

  1. From the Menu ribbon select Global Settings > Policy Change Request Options, then select the ServiceNow Integration tab:

  2. Specify details needed for ServiceNow (instructions on where to find these details are below):

    • URL – which server you want to point at

    • Client ID – credentials

    • Client Secret – password

  3. Next, Login to ServiceNow as an authenticated user. The authentication in ServiceNow must be configured prior to this step so that the correct permissions are assigned when logging in through Application Control.

  4. Now, Browse for Catalog Items (lower left), and find the Application Control Catalog Item, select it and click OK.



On returning to the ServiceNow tab, the Application Control Catalog Item has been added to the list and can be assigned to one or more devices:

Configure ServiceNow to be compatible with Application Control

The steps for configuring ServiceNow are listed in Creating a new Catalog Item in ServiceNow.

Once these steps are accomplished, the ServiceNow catalog will show an item for Application Control.

  1. Select the Application Control Catalog Item and Edit.

  2. Under Process Engine, select Parameters and edit as needed.


  3. Create the Application Control workflow per the ServiceNow documentation.

  4. Set up anything else that you need, then Save.

ServiceNow is configured for endpoint user requests, see Next Steps for instructions on the requests themselves.

Endpoint User Approval Requests

When a request is made by an endpoint user, an instance can be set up for them and then found in the ServiceNow Open Records > Items list:

For each item, the variables have been pre-populated. The relevant authorizer will log in and approve or deny as required:

Next Steps

To finish setting up the configuration, set the Policy Change Request options for the endpoint.