ServiceNow integration: ServiceNow Configuration

By Emalee Firestein

Learn how to set up ServiceNow for integration with Kandji

Before completing the integration in Kandji, you will need to install the Kandji ServiceNow application in the ServiceNow Integration Hub, create an OAuth API application, and add a service account user in your ServiceNow console.

Install the Kandji ServiceNow App

If not already, you will need to install the Kandji ServiceNow Integration Hub app in your ServiceNow instance. Installing the app will set up some of the required dependencies in your ServiceNow tenant.

  1. Go to the ServiceNow store.
  2. Find Kandji.
  3. Install the Kandji integration application by clicking on Get. You may need to authenticate to the ServiceNow store before being able to install the app. The credentials used should have the ability to install Integration Hub Store apps.

Create an OAuth App

Kandji uses a ServiceNow OAuth API client that leverages the Grant Type “Resource Owner Password Credentials (ROPC)” to request access and refresh tokens to interact with the ServiceNow instance.

  1. Using a ServiceNow admin account, log in to your ServiceNow tenant ({yourtenant}
  2. In the Filter navigator, search for System OAuth.
  3. Click Application Registry.
  4. Click Create an OAuth API endpoint for external clients.

  5. Give the OAuth app a name. (Example: kandji_oauth_api)

  6. In the Redirect URL field enter

  7. Click Submit.

  8. Go back to the OAuth app that you just created.

  9. Highlight and copy the Client ID.

  10. Reveal the Client Secret by clicking the padlock.

  11. Highlight and copy the Client Secret, or optionally, If you enter your own client secret, be sure to click update to save the change.

Adding a Service Account

The service account user credentials are used to configure the ServiceNow integration in Kandji.

Any ServiceNow user account can be used as long as it has access to web services, and has the following roles assigned: cmdb_read, import_transformer, and rest_api_explorer. However, In general, it is good practice to create separate service accounts for each integration.
  1. Using a ServiceNow admin account, log in to your ServiceNow tenant ({yourtenant}
  2. In the Filter navigator, search for Users.
  3. Under User Administration, click Users.
  4. Click New to add a new user.

  5. Enter a descriptive name for the user. (Example: kandji_rest_api_user). Copy the username to a safe place. You will use this credential when setting up the integration in Kandji.

    • Optionally, enter any additional information required by your organization.
  6. Be sure to select Web service access only.

  7. Click Submit.

  8. Click on the new user that was just created, and click Set Password.

  9. Click Generate to create the new password.

  10. Copy the new password.

  11. Click Save Password. Be sure to save this password in a safe place. This password will be used in Kandji when configuring the ServiceNow integration.

  12. Click Close to go back to the Users page.

  13. While still on the user page, go to Roles.

  14. Click Edit.

  15. Add the following roles to the service account user.

    • cmdb_read
    • import_transformer
    • rest_api_explorer
  16. There should be a total of six new roles assigned. Three assigned and three inherited.

  17. To complete the user creation, click Save.


Verify that Kandji is a Discovery Source

  1. In ServiceNow, enter Dictionary in the Filter navigator.
  2. Under System Definition, click Dictionary.
  3. In the Dicionary Entires search ensure that Column name is selected and then enter the column name dicovery_source.
  4. Click on the cmdb_ci table.

  5. Scroll down and select the Choices tab.

  6. Make sure that Kandji is listed. If you do not see Kandji right away you can search for the Label Kandji.

If Kandji does not show up as a Discovery Source

This section describes how to run the kandji_fix_script manually in the event that Kandji does not automatically show up as a Discovery Source after installation of the Kandji Integration Hub application.

  1. In ServiceNow, enter Fix Script in the Filter navigator.
  2. Under System Definition, click Fix Scripts.
  3. In the Fix Scripts search ensure that Name is selected and then enter the fix script name kandji_fix_script.
  4. Click on the kandji_fix_script table.

  5. Click Run Fix Script.

  6. In the Run Fix Script modal, click Proceed in Background.

Now Kandji should be listed as a Discovery source choice in ServiceNow.

Up next

Kandji Configuration for the Kandji ServiceNow integration.