Is Admin access mandatory for Service Account used for ServiceNow & Jira Integration?

yasmah · ‎06-23-2022

We have a Integration with Jira.

We are using Jira webhook to push updates from Jira to ServiceNow.

And to send updates from ServiceNow to Jira we have setup a rest API.

We are using a Service Account for this Rest API and a token from JIRA is used as a password.

However, the issue is for the integration to work the Service Account needs Admin access.

We referred to this youtube video for setting up integration ( https://www.youtube.com/watch?v=lqnOurQlM_U&t=676s )

Now, as the Service Account needs Admin access, the security team does not agree on providing the access.

Is there any document stating / referring that Admin access is mandatory, which can be presented to security team?

Please help. URGENT!!!

CR · ‎06-24-2022

The standard approach is to assign as little access as needed. So start with the least roles you think are required, test the web service, then add additional roles until you get the functionality you need.

Note: snc_platform_rest_api_access.

Just make sure you tick the Web service access only checkbox on the User record for your JIRA service account. This will prevent users from logging into the UI with that account.

You might also need to check that the specific Tables allow web service access by looking at the Table record.

yasmah · ‎06-26-2022

Hi CR,

We tried that already, but the integration didn't work. So we had to go for admin access on both ends.

Now we need to support our decision of giving admin access to service account with some valid documentation around it to the customer.

Abhay Kumar1 · ‎06-26-2022

You can create a new user like 'API Jira', you can add appropriate role like if incident creation required 'inc_resolver'. Admin role not required as i belive you wil be using api for some specific purpose. Hope this will help.