SSO / LDAP Authentication with inbound REST API

ilkka · ‎10-08-2019

Hi,

Is it possible to use REST API with SSO authentication? I have AD which is master for user data. Service account is created into ServiceNow using AD integration (no local password). Is it possible to use this service account with ServiceNow REST API?

I have tried to pull data using table api but i receive status 200 but no results.

Thanks

ilkka · ‎10-18-2019

Hi,

I have now tested that when I create a filter in LDAP users transform map that when it handles service account it doesn't write anything into the sys_user.source field then the local password works and the user records get updated through integration. One thing that I didn't find is the procedure that overwrites the user's local password when there is value in sys_user.source field.

View solution in original post

DScroggins · ‎10-08-2019

Hello,

Unfortunately REST API only authenticates using local user accounts and not against any identity providers you have configured with your instance.

--David

ilkka · ‎10-08-2019

Ok thanks! I was guessing that too. So is it enough that I create local password for the SSO user or do i need to create new user? How the system determines that the user is authenticating against LDAP / SSO?

DScroggins · ‎10-08-2019

I believe you will need to create a new user record as LDAP / SSO users are synced with the instance and therefore attempting to create a local password for SSO user will not work.

ilkka · ‎10-18-2019

Hi,

I have now tested that when I create a filter in LDAP users transform map that when it handles service account it doesn't write anything into the sys_user.source field then the local password works and the user records get updated through integration. One thing that I didn't find is the procedure that overwrites the user's local password when there is value in sys_user.source field.