Ctrlk
Changelog NotificationsAPIAikido login

ServiceNow

This one-time setup per workspace allows everyone in your Aikido organization to create issues directly in ServiceNow.

Following use cases are supported:

  • Automated Ticket Creation: Automatically create and push tickets to ServiceNow for seamless tracking of security issues.

  • Manual Ticket Addition: Manually add security issue tickets to ServiceNow, ensuring targeted attention for critical vulnerabilities.

Aikido currently pushes tickets to the Incident table in ServiceNow. Support for additional tables can be requested via Support.

Prerequisites: Register an OAuth App in ServiceNow

Before connecting Aikido, you'll need to register an OAuth application in your ServiceNow instance to generate a Client ID and Client Secret.

1

Activate the OAuth 2.0 plugin

Log in to your ServiceNow instance and activate the OAuth 2.0 plugin if it isn't already.

2

Enable OAuth system property

In the sys_properties table, set the system property com.snc.platform.security.oauth.is.active to true.

3

Open the Application Registry

Navigate to System OAuth > Application Registry.

4

Create a new OAuth endpoint

Click New, then select Create an OAuth API endpoint for external clients.

5

Configure the application

Set the following fields:

  • Name: A unique name (e.g. Aikido)

  • Client ID: Auto-generated by ServiceNow

  • Client Secret: Auto-generated by ServiceNow

  • Redirect URI: https://unify.apideck.com/vault/callback

  • Refresh Token Lifespan: Time in seconds the refresh token is valid

  • Access Token Lifespan: Set to 3600

  • Scope Restriction: Set to Broadly scoped

The default Securely scoped will cause API calls to fail.

6

Save and copy credentials

Click Submit, then reopen the record to copy the Client ID and Client Secret values.

Note: the ticket creation is linked to the user who has set up the integration. We recommend creating a dedicated 'Aikido' user inside ServiceNow with write access to the Incident table.

Connecting the Aikido App to ServiceNow

1

Open the integration

Navigate to Integration Settings within the Aikido app. In the 'Task Trackers' section, select ServiceNow.

2

Fill in your credentials

Enter your ServiceNow instance name, Client ID, and Client Secret, then click "Save".

Your ServiceNow instance name is the subdomain in your admin URL (e.g. dev394641 from https://dev394641.servicenow.com).

3

Authorize the connection

Click "Authorize" to grant Aikido access to your ServiceNow instance.

4

Confirm

Click "Save" once more to complete the setup. Aikido is now connected to ServiceNow.

Options for Task Creation in ServiceNow via Aikido

There are two different options to create new tasks from Aikido into ServiceNow.

1. Manual Task Creation

  1. Hover over any issue in your feed and click the + in the assign column. Alternatively, you can click the triple dots in the last column to open up the action menu. If you have grouped issues, the triple dot action menu is available on every subissue.

  2. Fill in the required details in the popup modal.

  3. The newly created task in ServiceNow will be linked in the Aikido Issue Detail under the 'Tasks' tab.

2. Automated Task Creation

Aikido will automatically create tasks every hour in bulk. There is at the moment no option to trigger this manually.

  1. Go to the ServiceNow Integration settings

  2. Make sure to enable 'Autocreation' by clicking the toggle to On.

  3. Define the criteria for automatic task creation.

You can configure all of these settings in the autocreation modal:

  • On/Off — Enable or disable autocreation. When off, the threshold is effectively set to None.

  • Severity threshold — Create tickets for issues at Critical, High, Medium, or Low and above. For example, High creates tickets for High and Critical.

  • Issue types — Create tickets for all issue types, or limit them to specific types like SCA, SAST, Secrets, Cloud, IaC, Malware, or License.

  • Daily limit — Set the maximum number of tickets created per day. The default is 25. Some plans support higher limits.

  • Ticket creation mode — Create one ticket per issue group, or create separate tickets per location or scope. Per-location mode can create more tickets.

  • Scope — Available only in per-location mode. Target all repos or clouds, only mapped repos or teams, or specific repos or clouds with include and exclude lists.

  1. Aikido will autonomously generate ServiceNow tickets hourly until the configured daily limit of tasks is reached.

ServiceNow Sync

Aikido automatically syncs a couple of fields to ServiceNow:

  • Severity is mapped to the 'Priority' field in ServiceNow

  • Assignees are synced both ways (so updates in ServiceNow will be reflected in Aikido too)

Last updated

Was this helpful?