Interview Question for ServiceNow Developer | 3-6 Years Experience

MohammadAtR · 3 weeks ago

Hi There,

Recently I attended interview for ServiceNow Developer and the question which I faced are:

1. Set Incidents as inactive if Problem is closed.

2. Types of Business Rule and explain each.

3. Types of Client Script and explain each.

4. What is GlideAjax?

5. Define UI Policy and Data Policy.

6. Any Recent Integration.

7. Types of Authentication?

8. How to Setup OAuth?

9. What is g_scratchpad?

10. Types of Error Codes & Success Code?

11. ACL order of execution?

12. How to call flow from script?

13. Move attachment internally in ServiceNow

14. Send Attachment through outbound REST integration

15. Types of Transform Script?

Please mark this as helpful if it helped you in your interview preparation.

MohammadAtR · 3 weeks ago

Set Incidents as inactive if Problem is closed.

Ans. var prb = new GlideRecord('problem');

prb.addQuery('active',false);

prb.query();

while(prb.next()) {

gs.print("Processed Problems "+prb.number);

var inc = new GlideRecord('incident');

inc.addQuery('problem_id',prb.getUniqueValue());

inc.addActiveQuery();

inc.query();

while(inc.next()) {

gs.print(inc.number);

inc.state=7;

inc.close_notes='Closed in association with '+prb.number;

inc.close_code='Closed';

inc.update();

}

Types of Business Rule and explain each.

Ans.

Type	When it runs	Primary Use Case
Before	After clicking save, before the database update.	Validating data or auto-filling fields on the current record.
After	After the database update is committed.	Updating related records (e.g., closing child tasks).
Async	In the background (queued) after the save.	Heavy integrations or calculations that shouldn't slow the user down.
Display	When the form loads.	Passing server data to the client via g_scratchpad.
Query	Before a list or glide is fetched.	Data security (restricting which records a user can see).

Types of Client Script and explain each.

Ans.

Type	When it runs	Primary Use Case
onLoad	When the form first opens.	Setting initial field visibility, read-only status, or messages.
onChange	When a specific field changes.	Updating field B based on what the user typed in field A.
onSubmit	When the user clicks Save/Submit.	Final validation to stop the save if data is incorrect.
onCellEdit	In a List View (double-click).	Controlling or preventing changes made from the list.

What is GlideAjax?

Ans. GlideAjax is a ServiceNow class that allows a Client Script to call Server-Side code (a Script Include) and get data back without refreshing the page.

It is the standard, high-performance way to bridge the gap between the browser and the database.

Define UI Policy and Data Policy.

Ans. A UI Policy runs client-side in the browser to make fields mandatory, read-only, or hidden on the form. However, because it only exists on the front end, it can be completely bypassed by integrations or data imports. A Data Policy, on the other hand, runs server-side to protect the database. It enforces mandatory and read-only rules no matter how the data enters the system

Any Recent Integration.

Ans. Walkthrough any recent integration on PDI but interviewer expects real world scenario.

Types of Authentication?

Ans. Basic and OAuth 2.0

How to Setup OAuth?

Ans. > Ensure OAuth 2.0 plugin is installed and check ‘sys_properties.list’ has ‘com.snc.platform.security.oauth.is.active’ is true

> System OAuth->Application Registry->New

What is g_scratchpad?

Ans. g_scratchpad is an OOB JavaScript object in ServiceNow that passes data from the server to the client during form load, without requiring a GlideAjax Call.

Types of Error Codes & Success Code?

Ans.

> 200 – OK (Request Succeeded)

> 201 – Created (New resource created)

> 204 – No Content (No Content to return)

> 400 – Bad Request (Server could not understand the request)

> 401 – Unauthorized (Invalid credential)

> 404 – Not Found(Requested resource could not be found)

> 500 – Internal Server Error

ACL order of execution?

Ans.

Table-level ACL Evaluation: The system first checks for ACLs on the entire table.
Record-level ACL Evaluation: Ater the table ACLs, the system evaluates record specific ACLS.
Field-level ACL Evaluation: Finally, the system checks the field specific ACLS for any restrictions on individual fields.
How to call flow from script?

Ans. Depends on synchronous or asynchronous calls,

“sn_fd_FlowAPI”

Synchronously:

>sn_fd_FlowAPI.executeFlow(flow name,inputs)

>sn_fd_FlowAPI.executeSubFlow(subflow name,inputs)

>sn_fd_FlowAPI.executeAction(action name,inputs)

Asynchronously:

>sn_fd_FlowAPI.startFlow(flowname,inputs)

>sn_fd_FlowAPI.startSubFlow(subflow name,inputs)

>sn_fd_FlowAPI.startAction(action name,inputs)

Example, execute a global flow called ‘test_flow’, then sn_fd.FlowAPI.executeFlow(‘global.test_flow’,inputs);

Move attachment internally in ServiceNow

Ans. Use GlideSysAttachment()

Example,

var att = new GlideSysAttachment();

var incsys = “some sys_id of inc”;

var inc = new GlideRecord(‘incident’);

inc.get(incsys);

var copyAtt = att.copy(‘incident’,incsys,’problem’,inc.getValue(‘problem_id’);

Send Attachment through outbound REST integration

Ans. Using /now/attachment/file in POST

Uploads specific binary file as an attachment to a specific record.

Types of Transform Script?

Ans.

>onStart

>onAfter

>onBefore

>onChoiceCreate

>onComplete

>onForeignInsert

>onReject

Please mark this as helpful if this helped you in your interview preparation.

All the best!

View solution in original post

lauri457 · 3 weeks ago

With 3+ years of experience one should probably be aware that nested queries should be avoided. In a one off example like this it doesn't matter as much sure but it is probably the most common blunder on every implementation. With a nested query there will be a separate query for every problem first to get the related incidents and then to update the incidents one by one. There are many ways to optimize here like utilizing updateMultiple as the problem number is already in the problem_id field.

Here are some other patterns to consider for the query:

Subquery with addJoinQuery

var incGr = new GlideRecord("incident")
incGr.addJoinQuery("problem", "problem_id", "sys_id").addCondition("active", 0)
incGr.addActiveQuery()
incGr.query()
while (incGr.next())
	gs.info(incGr.getDisplayValue("problem_id"))

-- Query 1:
SELECT
    task0.sys_id
FROM
    task task0
WHERE
    task0.sys_class_name = 'incident'
    AND task0.a_ref_1 IN (
        SELECT
            task0.sys_id
        FROM
            task task0
        WHERE
            task0.sys_class_name = 'problem'
            AND task0.active = 0
    )
    AND task0.active = 1;

-- Query 2:
SELECT
    task0.*
FROM
    task task0
WHERE
    task0.sys_class_name = 'incident'
    AND task0.sys_id IN (
        --sysids
    );

Relying on joins by using a dotwalked condition.

var incsGr = new GlideRecord("incident")
incsGr.addActiveQuery()
	.addCondition("problem_id.active", 0)
incsGr.addExtraField("problem_id.number")
incsGr.query()
while (incsGr.next())
	gs.info(incsGr.getDisplayValue("problem_id"))

-- Query 1:
SELECT
    task0.sys_id
FROM
    task task0
    LEFT JOIN task task1 ON task0.a_ref_1 = task1.sys_id
WHERE
    task0.sys_class_name = 'incident'
    AND task0.active = 1
    AND task1.active = 0;

-- Query 2:
SELECT
    task0.*,
    task1.number AS problem_id_number,
    task1.sys_id AS problem_id_sys_id,
    task1.sys_class_name AS problem_id_sys_class_name
FROM
    task task0
    LEFT JOIN task task1 ON task0.a_ref_1 = task1.sys_id
WHERE
    task0.sys_class_name = 'incident'
    AND task0.sys_id IN (
        --sysids
    );

Everybody's favourite:

var prb = new GlideRecord('problem'), arr = [];
prb.addInactiveQuery();
prb.query();
while (prb.next()) {
	arr.push(prb.getUniqueValue())
}
var inc = new GlideRecord('incident');
inc.addQuery('problem_id', "IN", arr.toString());
inc.addActiveQuery();
inc.query();
while (inc.next()) {
	//gs.info(inc.getDisplayValue("problem_id"))
}

MohammadAtR · 3 weeks ago

Thanks @lauri457 , I will definitely try these out...

suraj sengar · 3 weeks ago

@MohammadAtR - Thanks for sharing valuable information.

Vaishnavi Lathk · 3 weeks ago

Hello @MohammadAtR,

1) Set Incidents as inactive if the problem is closed

Use a business rule on the problem table:

Trigger: After Update

Condition: State = Closed

Script:

var gr = new GlideRecord('incident'); gr.addQuery('problem_id', current.sys_id); gr.query(); while(gr.next()){ gr.active = false; gr.update(); }

2) Types of Business Rules

Before—Executes before a record is saved. This type of rule can either modify values or prevent action.

After—Executes after the record is saved. This is typically used for notifications or related records.

Async—Runs in the background after the record is saved. Good for performance-intensive tasks.

Display—Executes when a form is loaded. Used to populate g_scratchpad for client scripts.

3) Types of Client Scripts

onLoad—Runs when the form loads. Used to manipulate fields.

onChange—Runs when a field value changes.

onSubmit—Runs before form submission. Can validate fields.

onCellEdit—Runs when a field is edited in a list view.

4) What is GlideAjax?

GlideAjax is used to call server-side scripts from client scripts asynchronously.

Process:

The client calls GlideAjax and specifies Script Include.

Server Script Include process requests and return responses.

var ga = new GlideAjax('MyScriptInclude'); ga.addParam('sysparm_name', 'getData'); ga.getXMLAnswer(function(response){ alert(response); });

5) Define UI Policy and Data Policy

UI Policy—Controls form field behavior (visible, mandatory, read-only) on the client side.

Data Policy—Ensures data consistency at the server level. Mandatory for both forms and imports.

6) Any Recent Integration

Example: REST Integration with Jira

ServiceNow as client → Jira REST API → Create/Update tickets.

Use REST Message, authentication (Basic/OAuth), and scheduled jobs or flows.

7) Types of Authentication

Basic Authentication – Username & password.

OAuth 2.0 – Token-based authentication for secure API access.

SAML – Single Sign-On (SSO).

LDAP – Active Directory integration.

How to Set Up OAuth

Create an OAuth provider (like Google/Jira).

Create an OAuth client profile in ServiceNow.

Use Client ID & Secret in REST Message or IntegrationHub.

Test connection → Retrieve Access Token → Use in API calls

9) What is g_scratchpad

g_scratchpad is a temporary storage object in Business Rules (Display) to send data from server to client scripts without additional queries.

// Business Rule (Display)
g_scratchpad.myVar = current.short_description;

// Client Script
alert(g_scratchpad.myVar);

10) Types of Error Codes & Success Codes

HTTP Success Codes: 200 OK, 201 Created, 204 No Content

HTTP Error Codes: 400 Bad Request, 401 Unauthorized, 403 Forbidden, 404 Not Found, 500 Internal Server Error

11) ACL Order of Execution

Table-level ACL—Check create, read, and write.
Field-level ACL—Specific field permission.
Conditional and Scripted ACLs—evaluated in order.
The most restrictive rule applies.

12) How to call flow from script

Use Flow API:FlowAPI.trigger()

var inputs = {};
inputs.incident_id = current.sys_id;
var flow = new sn_fd.FlowAPI().trigger('flow_sys_id', inputs);

13) Move attachment internally in ServiceNow

var gr = new GlideRecord('incident');
gr.get('sys_id', incidentSysId);

var ga = new GlideSysAttachment();
var attachment = ga.getBytes('sys_id_of_attachment');
ga.write('new_table', new_record_sys_id, 'file_name', attachment);

14) Send Attachment through outbound REST integration

Use the REST Message and Attachment API.

Steps:

Convert attachment to base64
Pass in REST request body

var grAttachment = new GlideSysAttachment();
var bytes = grAttachment.getBytes('sys_id');
var encoded = GlideStringUtil.base64Encode(bytes);

15) Types of Transform Script

onBefore—Runs before a record is inserted/updated during import.
onAfter—Runs after a record is inserted/updated.
onStart—Runs at the beginning of import.
onComplete—Runs after import completes.

Thanks

MohammadAtR · 3 weeks ago

Thanks @Vaishnavi Lathk