- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-12-2017 02:23 AM
Hi everyone,
We are evaluating ServiceNow to use it for our ITSM and Request Fulfillment. I need to know when we need to use MID server and when we don't need.
If we have service or application (for example HPSM or other system) which has been exposed to Internet (API -REST or SOAP- endpoints are accessible from Internet), Do we still need to use MID server?
If we want to access or ServiceNow instance, is there any public endpoints for that or we need to go through MID-Server?
What is the best practices?
appreciate all kind of advice.
Thanks
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-12-2017 04:34 PM
HI Kourosh,
A MID Server is only necessary if you are trying to access resources that are not available to the ServiceNow instance. If your web service endpoints are available from the Internet then you can consume them from your ServiceNow instance directly.
You do not need a MID server to access your instance either. You will generally need to authenticate, but you can create APIs that are fully public if you have a use case.
You would typically only need a MID Server when you would like your ServiceNow instance to initiate communication with a device that would normally not be available due to firewall restrictions.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-12-2017 04:34 PM
HI Kourosh,
A MID Server is only necessary if you are trying to access resources that are not available to the ServiceNow instance. If your web service endpoints are available from the Internet then you can consume them from your ServiceNow instance directly.
You do not need a MID server to access your instance either. You will generally need to authenticate, but you can create APIs that are fully public if you have a use case.
You would typically only need a MID Server when you would like your ServiceNow instance to initiate communication with a device that would normally not be available due to firewall restrictions.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-12-2017 11:55 PM
Thank you Robert,
Ok, Now I understand that from SN instance I can access endpoints that are exposed to Internet without needing MID server and if I understand you correctlly we can access SN instance's endpoint if they are public.
But if we create endpoints on our ServiceNow Instance (or our on-premise services), they must meet our security principles which means among others these endpoints must be secured by OAuth 2.0 authentication. So when our applications call endpoints on SN instance must have a valid access token (from our IAM platform) to be able to consume these endpoints and when SN instance calls on-premise endpoints the request must have a valid token (from our IAM platform) as well. Does SN instance manage it?
thanks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-13-2017 12:11 AM
ServiceNow can be both an OAuth 2.0 provider and/or client so it should it should be able to fulfill your needs (depending on the required grant type). In my experience, SN is extremely customizable. If out of box doesn't fit your needs, you can script your own outbound REST messages and inbound Scripted REST APIs to fit any need.
Reference: OAuth 2.0
