Connection between ServiceNow and Azure

pramn
Tera Guru

Guys,

How do I make a connection between ServiceNow and Azure to pull Azure Security Groups into SNOW?

Your help with this is much appreciated.

3 REPLIES

Abbas_5
Tera Sage

Hello @pramn,

Please refer to the links below:
https://www.servicenow.com/community/servicenow-impact-forum/integrate-azure-ad-with-servicenow/td-p...
https://www.servicenow.com/community/member-feedback-forum/linking-ad-azure-ad-groups-to-servicenow-...


If it is helpful, please mark it as helpful and accept the correct solution. In future, it might be helpful for someone to refer to this solution.

Thanks & Regards,

Abbas Shaik

Jitendra Diwak1
Kilo Sage

Hi @pramn,

 

Please follow the steps below:

To pull Azure Security Groups into ServiceNow using a Business Rule, you would typically set up a Business Rule that triggers based on specific conditions (like record creation or updates). Here's how to achieve this:

### 1. **Set Up Azure AD Application**

Follow the steps outlined previously to register an application in Azure AD, create a client secret, and set permissions to read groups.

### 2. **Create a Business Rule in ServiceNow**

1. **Navigate to Business Rules**:
   - Go to **System Definition** > **Business Rules** in ServiceNow.
   - Click on **New** to create a new Business Rule.

2. **Define Business Rule Properties**:
   - **Name**: Provide a name for your Business Rule (e.g., "Pull Azure Security Groups").
   - **Table**: Select a table to trigger this Business Rule (e.g., `sys_user` if you want to pull groups when a user is created).
   - **When**: Choose when to run the rule (e.g., after).
   - **Insert**: Check this if you want it to trigger on record insert.

### 3. **Write the Business Rule Script**

In the **Script** section of the Business Rule, you can write a script similar to the following:

```javascript
(function execute(current, previous /*null when async*/) {
    // Placeholders: supply your own values and keep the real client secret
    // out of the script body.
    var client_id = 'YOUR_CLIENT_ID';
    var client_secret = 'YOUR_CLIENT_SECRET';
    var tenant_id = 'YOUR_TENANT_ID';

    var token_url = 'https://login.microsoftonline.com/' + tenant_id + '/oauth2/v2.0/token';
    var resource = 'https://graph.microsoft.com/.default';

    try {
        // Request to get the access token (client credentials grant)
        var tokenRequest = new sn_ws.RESTMessageV2();
        tokenRequest.setEndpoint(token_url);
        tokenRequest.setHttpMethod('POST');
        tokenRequest.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
        // URL-encode each value so characters such as '+' or '&' in the secret survive
        tokenRequest.setRequestBody('client_id=' + encodeURIComponent(client_id) +
            '&scope=' + encodeURIComponent(resource) +
            '&client_secret=' + encodeURIComponent(client_secret) +
            '&grant_type=client_credentials');

        var tokenResponse = tokenRequest.execute();
        if (tokenResponse.getStatusCode() != 200) {
            gs.error('Azure token request failed with HTTP ' + tokenResponse.getStatusCode());
            return;
        }
        var responseBody = tokenResponse.getBody();
        var jsonResponse = JSON.parse(responseBody);
        var accessToken = jsonResponse.access_token;

        // Request to get the Azure groups (this endpoint returns all group
        // types, and only the first page of results)
        var groupRequest = new sn_ws.RESTMessageV2();
        groupRequest.setEndpoint('https://graph.microsoft.com/v1.0/groups');
        groupRequest.setHttpMethod('GET');
        groupRequest.setRequestHeader('Authorization', 'Bearer ' + accessToken);

        var groupResponse = groupRequest.execute();
        if (groupResponse.getStatusCode() != 200) {
            gs.error('Azure group request failed with HTTP ' + groupResponse.getStatusCode());
            return;
        }
        var groupBody = groupResponse.getBody();

        // Parse the groupBody and insert into ServiceNow
        var groups = JSON.parse(groupBody).value || [];
        for (var i = 0; i < groups.length; i++) {
            var group = groups[i];

            // Create a record in a table (e.g., custom table for Azure groups)
            var azureGroup = new GlideRecord('u_azure_security_group');
            azureGroup.initialize();
            azureGroup.u_group_id = group.id; // Map Azure group ID
            azureGroup.u_group_name = group.displayName; // Map Azure group name
            azureGroup.insert();
        }
    } catch (ex) {
        // Covers network failures and malformed JSON in either response
        gs.error('Pull Azure Security Groups failed: ' + ex.message);
    }
})(current, previous);
```

### 4. **Test Your Business Rule**

1. **Create or Update a Record**: Perform the action that triggers your Business Rule.
2. **Check the Target Table**: Verify that Azure Security Groups are being inserted into the designated table in ServiceNow.

### 5. **Error Handling and Logging**

Be sure to add error handling and logging to capture any issues. For example, you can log errors using `gs.error()`.

### 6. **Schedule or Optimize Triggering (Optional)**

If pulling all Azure Security Groups on every insert is too intensive, consider using a scheduled job instead of a Business Rule, or refine the conditions for triggering.

By following these steps, you can effectively pull Azure Security Groups into ServiceNow using a Business Rule. Make sure to customize the script and table names as needed for your environment!

 

Please accept my resolution if it resolves your problem.

 

Thanks

Jitendra

Please accept my solution if it works for you, and give it a thumbs up.
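As an added example (not part of the replies above, and not ServiceNow or Microsoft code): the script in the reply reads a single page of `/v1.0/groups` and inserts every result each time it runs. The code below follows Graph's `@odata.nextLink` paging without sending the token to any other host, keeps only `securityEnabled` groups, and plans inserts versus updates by group id. `fetchPage`, `collectSecurityGroups`, `planUpserts` and the sample pages are hypothetical names and constructed data; inside ServiceNow, `fetchPage` would wrap `sn_ws.RESTMessageV2`.

```javascript
// Added example: Graph paging, security-group filter and de-duplication; runs offline.
var GRAPH = 'https://graph.microsoft.com/';
// securityEnabled is a property of Graph group objects; $select trims the payload.
var FIRST_PAGE = GRAPH + 'v1.0/groups?$filter=securityEnabled%20eq%20true&$select=id,displayName,securityEnabled';
// fetchPage(url) -> { status: Number, body: String }. Hypothetical wrapper around
// the HTTP call that adds the Bearer header (assumption, not a platform API).
function collectSecurityGroups(fetchPage, maxPages) {
    var byId = {}, url = FIRST_PAGE, pages = 0;
    while (url) {
        // Never send the token to a host other than Graph, and bound the loop.
        if (url.indexOf(GRAPH) !== 0) throw new Error('Refusing non-Graph URL: ' + url);
        if (++pages > maxPages) throw new Error('Page limit exceeded');
        var res = fetchPage(url);
        if (res.status !== 200) throw new Error('Graph returned HTTP ' + res.status);
        var page = JSON.parse(res.body);
        (page.value || []).forEach(function (g) {
            // Re-check client side in case the $filter was dropped or ignored.
            if (g.securityEnabled === true && g.id) byId[g.id] = g.displayName || '';
        });
        url = page['@odata.nextLink'] || null;
    }
    return byId;
}

// Compare with ids already stored so that reruns do not create duplicate rows.
function planUpserts(byId, existing) {
    var plan = { insert: [], update: [] };
    Object.keys(byId).forEach(function (id) {
        if (!Object.prototype.hasOwnProperty.call(existing, id)) plan.insert.push(id);
        else if (existing[id] !== byId[id]) plan.update.push(id);
    });
    return plan;
}

// Constructed sample pages (not real tenant data).
var PAGE2 = GRAPH + 'v1.0/groups?$skiptoken=constructed';
var SAMPLE = {};
SAMPLE[FIRST_PAGE] = { status: 200, body: JSON.stringify({
    '@odata.nextLink': PAGE2,
    value: [{ id: 'g-1', displayName: 'SOC Analysts', securityEnabled: true },
            { id: 'g-2', displayName: 'All Staff', securityEnabled: false }] }) };
SAMPLE[PAGE2] = { status: 200, body: JSON.stringify({
    value: [{ id: 'g-3', displayName: 'Cloud Admins', securityEnabled: true },
            { id: 'g-1', displayName: 'SOC Analysts', securityEnabled: true }] }) };
function sampleFetch(url) { return SAMPLE[url] || { status: 404, body: '{}' }; }

var groups = collectSecurityGroups(sampleFetch, 50);
var plan = planUpserts(groups, { 'g-1': 'SOC Team' }); // g-1 stored under an old name
console.log(JSON.stringify(groups), JSON.stringify(plan));
```

In a Business Rule or scheduled job, `existing` would come from a query on the target table's `u_group_id` field, and each planned id would become one `GlideRecord` insert or update.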