Servicenow CMDB integration

Berlin Russel · 3 weeks ago

I am integrating service now cmdb into my platform using the api calls. i would like to what's the preferrable api to interact with service now. The purpose of integration is to fetch configuration items from the ServiceNow CMDB. Im currently using Table API for fetching the CIs, is it recommended or should i switch to any other api like instance api.
Moreover, i would like to know whether a low privileged user, an user who has access to one of child CI table, can be configured to access cmdb_ci base table in ACL?

Vishnu-K · 2 weeks ago

Hi @Berlin Russel ,

You can use table api but servicenow already provides an out of box api for getting the cmdb data which is "CMDB Instance API" , So i suggest you to use this instance api.

Base URL : https://<instance>.service-now.com/api/now/cmdb/instance/{classname}

In the path parameter you have to provide the class name at the end then you can get the data of that CMDB table.

And why i suggest you go with the CMDB Instance api is because from this api :

->Designed specifically for CMDB records and their relationships.
->You can get the different table values just by changing the table name.

->You can get the attributes and the relation ships of the record which would be very useful if you want to have clear picture of what is related to what like that.

Yes, a low-privileged user with access to a child CI table can be configured to access the cmdb_ci base table via ACL but you can just give the cmdb_read role to that specific user so that he can have read access to all the cmdb tables .

Hope this helps you, Please do mark it as helpful . And accept the solution.

Regards,
Vishnu

Rainer Alföldi · a week ago

Good question. Both Table API and CMDB Instance API return reference fields as links, not resolved data. So for each reference (assigned_to, location, manufacturer, model, etc.) you need a separate API call to get the actual values. Same for relationships via cmdb_rel_ci — you get the relation, but resolving the target CIs requires additional calls. For a fully populated CI with all references and relations, you are typically looking at 8-11 chained requests and significantly more when relations are involved.

This is a known challenge when providing CMDB data to external platforms. We had the exact same challenge at a customer with 30 external systems and ended up building Squid specifically for this — it is a certified ServiceNow Store app that resolves all references and relations server-side and returns everything in a single structured JSON response. Might be worth a look depending on your scale.

Regarding your ACL question: yes, a low-privileged user can be configured to query cmdb_ci with appropriate ACL rules, but the child table access does not automatically grant base table access. You will need explicit ACL entries.

Rainer Alföldi
Founder, arc46 — Squid | No-Code ServiceNow Data Integration

piyush-verma · a week ago

Hi @Berlin Russel

Table API is totally fine for fetching CI records and is the most common choice. If you also need relationships or CMDB‑specific operations, the CMDB Instance API is designed for that.

For the ACL question: access to a child CI table does not give automatic access to cmdb_ci. You need a dedicated read ACL (either on the child CI classes or on the base table, depending on your needs). That’s the cleanest and safest way to handle low‑privilege integration users.