ServiceNow Store Certification: iFrame vs. Native Integration Approach?

sabra_gr
Tera Contributor

Hi Servicenow Experts,

 

I'm exploring two approaches for integrating with an external system in a custom ServiceNow application intended for the ServiceNow Store:

  1. iFrame Approach:
    Embed an external web application via an iFrame. This approach handles all integration and authentication externally—the only task in ServiceNow is to provide the iFrame URL (which includes any necessary token).

  2. Native Integration Approach:
    Build the UI and handle the integration (including authentication and API calls) directly within ServiceNow using UI Builder and REST messages.

My questions are:

  • What are the certification implications of using an iFrame versus implementing the integration natively within ServiceNow?
  • Are there known security or performance concerns with either approach from a certification standpoint?
  • Is there any official guidance or best practice documentation that recommends one approach over the other for applications targeting the ServiceNow Store?

Any insights, official resources, or experiences would be appreciated. Thanks!

1 REPLY 1

Mark Manders
Mega Patron

Just my 2 cents (but maybe best to reach out to ServiceNow directly):

Using an iFrame do do stuff on another application will probably raise the eyebrows of people that are checking your 'app' from a security point of view. 
I think you will have a bigger chance of getting it through certification if you build a real integration. Using ServiceNow to access another application is probably not what ServiceNow has in mind for their platform to do.


Please mark any helpful or correct solutions as such. That helps others find their solutions.
Mark