Service Graph Connector Azure

Nisha30
Kilo Sage

Hello,

We need to integrate ServiceNow discovery for Azure using Service Graph Connector.

I am looking at the documents but still need some go-ahead, as I am confused.

1) Do we need to set up OAuth, or do we simply need an Azure Service Principal for Discovery?

2) Do we need a MID Server, or does it also work without one?

Please assist

 

Thanks

1 ACCEPTED SOLUTION

Vishnu-K
Kilo Sage

Hi @Nisha30 ,

 

1. Do we need OAuth or just an Azure Service Principal?

 

You need both. They work together. This is not an either-or decision.

How it works

  • First create an Azure Service Principal in Azure AD.

  • The Service Principal provides a Client ID, also called Application ID.

  • It also provides a Client Secret.

  • In ServiceNow you configure an OAuth 2.0 credential using those values.

  • ServiceNow uses the OAuth 2.0 Client Credentials grant type.

  • It sends the Client ID and Client Secret to Azure.

  • Azure returns a temporary Access Token.

  • ServiceNow uses that Access Token to call Azure APIs securely.

The Service Principal provides the identity. OAuth provides the token-based authentication mechanism.

Guided Setup

During Guided Setup you will be asked to enter:

  • Client ID

  • Client Secret

These values are used to configure the OAuth credential record inside ServiceNow.

 

2. Do we need a MID Server?

 

No, a MID Server is not required.

 

The Azure Service Graph Connector is designed to make direct REST API calls from your ServiceNow instance to:

  • Azure Management API

  • Azure Log Analytics API

It does not rely on traditional IP-based discovery.

3. When would a MID Server be needed?

A MID Server becomes optional or necessary only in specific scenarios.

Network restrictions

  • If your organization blocks outbound connections from ServiceNow to public Azure APIs.

Deep discovery use case

  • If you plan to combine the connector with traditional Discovery.

  • If you require IP-based scanning.

  • If you need OS-level details such as running processes or installed software.

The Service Graph Connector collects cloud metadata through APIs but does not perform deep OS-level interrogation by default.

If this answers your question, please mark it as helpful and accept the solution for better community visibility.

 

Thanks,

Vishnu
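
Added example (not part of the answer above and not ServiceNow's own code): the Client Credentials exchange from "How it works", with a check that the temporary Access Token is actually issued for the Azure Management API and has not expired. The tenant ID, the token endpoint and scope constants, and the `AZ_*` environment variable names are assumptions that do not appear in the post; the sample token is constructed.

```python
import base64, json, os, time
import urllib.parse, urllib.request

# Assumptions (not from the post): the Microsoft identity platform v2.0 token
# endpoint and the Azure Resource Manager ".default" scope.
TOKEN_URL = "https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token"
ARM_SCOPE = "https://management.azure.com/.default"

def build_token_request(tenant_id, client_id, client_secret):
    """Client Credentials grant: the Service Principal's ID and secret go in the POST body."""
    body = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
        "scope": ARM_SCOPE,
    }).encode()
    return urllib.request.Request(TOKEN_URL.format(tenant=tenant_id), data=body, method="POST")

def jwt_claims(access_token):
    """Decode the JWT payload for inspection only (no signature verification)."""
    payload = access_token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def check_token(token_response, now=None):
    """Return a list of problems with the token Azure returned; empty means usable."""
    now = time.time() if now is None else now
    claims = jwt_claims(token_response["access_token"])
    problems = []
    if claims.get("aud", "").rstrip("/") != "https://management.azure.com":
        problems.append("token audience is not the Azure Management API")
    if claims.get("exp", 0) <= now:
        problems.append("token already expired")
    return problems

def fetch_token():
    """Live call; reads the secret from hypothetical env vars so it never lands in code."""
    req = build_token_request(os.environ["AZ_TENANT_ID"], os.environ["AZ_CLIENT_ID"],
                              os.environ["AZ_CLIENT_SECRET"])
    with urllib.request.urlopen(req, timeout=15) as resp:
        return json.load(resp)

def make_sample_response(aud, exp):
    """Constructed sample (not real Azure output) so the checks run offline."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    token = ".".join([enc({"alg": "none"}), enc({"aud": aud, "exp": exp}), "sig"])
    return {"token_type": "Bearer", "expires_in": 3599, "access_token": token}
```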

5 REPLIES

Harish Bainsla
Kilo Patron

Hi @Nisha30 

Go through the link below; it has complete details.

https://www.servicenow.com/community/cmdb-articles/azure-service-graph-connector-version-1-12/ta-p/3...

 

If my answer helps you, mark it helpful and accept the solution.