Hi @pramn,

Please follow these below steps:

To pull Azure Security Groups into ServiceNow using a Business Rule, you would typically set up a Business Rule that triggers based on specific conditions (like record creation or updates). Here's how to achieve this:

### 1. **Set Up Azure AD Application**

Follow the steps outlined previously to register an application in Azure AD, create a client secret, and set permissions to read groups.

### 2. **Create a Business Rule in ServiceNow**

1. **Navigate to Business Rules**:
- Go to **System Definition** > **Business Rules** in ServiceNow.
- Click on **New** to create a new Business Rule.

2. **Define Business Rule Properties**:
- **Name**: Provide a name for your Business Rule (e.g., "Pull Azure Security Groups").
- **Table**: Select a table to trigger this Business Rule (e.g., `sys_user` if you want to pull groups when a user is created).
- **When**: Choose when to run the rule (e.g., after).
- **Insert**: Check this if you want it to trigger on record insert.

### 3. **Write the Business Rule Script**

In the **Script** section of the Business Rule, you can write a script similar to the following:

```javascript
(function execute(current, previous /*null when async*/) {
var client_id = 'YOUR_CLIENT_ID';
var client_secret = 'YOUR_CLIENT_SECRET';
var tenant_id = 'YOUR_TENANT_ID';

var token_url = 'https://login.microsoftonline.com/' + tenant_id + '/oauth2/v2.0/token';
var resource = 'https://graph.microsoft.com/.default';

// Request to get the access token
var tokenRequest = new sn_ws.RESTMessageV2();
tokenRequest.setEndpoint(token_url);
tokenRequest.setHttpMethod('POST');
tokenRequest.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
tokenRequest.setRequestBody('client_id=' + client_id +
'&scope=' + resource +
'&client_secret=' + client_secret +
'&grant_type=client_credentials');

var tokenResponse = tokenRequest.execute();
var responseBody = tokenResponse.getBody();
var jsonResponse = JSON.parse(responseBody);
var accessToken = jsonResponse.access_token;

// Request to get the Azure Security Groups
var groupRequest = new sn_ws.RESTMessageV2();
groupRequest.setEndpoint('https://graph.microsoft.com/v1.0/groups');
groupRequest.setHttpMethod('GET');
groupRequest.setRequestHeader('Authorization', 'Bearer ' + accessToken);

var groupResponse = groupRequest.execute();
var groupBody = groupResponse.getBody();

// Parse the groupBody and insert into ServiceNow
var groups = JSON.parse(groupBody).value;
for (var i = 0; i < groups.length; i++) {
var group = groups[i];

// Create a record in a table (e.g., custom table for Azure groups)
var azureGroup = new GlideRecord('u_azure_security_group');
azureGroup.initialize();
azureGroup.u_group_id = group.id; // Map Azure group ID
azureGroup.u_group_name = group.displayName; // Map Azure group name
azureGroup.insert();
}
})(current, previous);
```

### 4. **Test Your Business Rule**

1. **Create or Update a Record**: Perform the action that triggers your Business Rule.
2. **Check the Target Table**: Verify that Azure Security Groups are being inserted into the designated table in ServiceNow.

### 5. **Error Handling and Logging**

Ensure to add error handling and logging to capture any issues. For example, you can log errors using `gs.error()`.

### 6. **Schedule or Optimize Triggering (Optional)**

If pulling all Azure Security Groups on every insert is too intensive, consider using a scheduled job instead of a Business Rule, or refine the conditions for triggering.

By following these steps, you can effectively pull Azure Security Groups into ServiceNow using a Business Rule. Make sure to customize the script and table names as needed for your environment!

Please accept my resolution if it resolves your problem.

Thanks

Jitendra

Hi @pramn check below link may help you

https://www.servicenow.com/community/member-feedback-forum/linking-ad-azure-ad-groups-to-servicenow-....

https://docs.servicenow.com/bundle/xanadu-it-asset-management/page/product/software-asset-management...