MFA Enforcement in the Upcoming Yokohama Release question

Go to solution
Mikhail8
Tera Contributor

‎05-20-2025 05:06 AM

This KB didn't answer my question:
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1700938

We have a system user to generate incidents via rest API, but also some agents use the user to log in to ServiceNow in a Web Browser.

Are Rest API going to work for internal users with basic auth?

0 Helpfuls
  • 418 Views
2 ACCEPTED SOLUTIONS

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron

‎05-20-2025 05:10 AM

@Mikhail8 

why your agents are having the username and password for that API user? They should not have ideally.

If your user is for solely API then ensure you check this checkbox so that no one can login with that API  user on browser or from UI

Non-interactive sessions 

AnkurBawiskar_0-1747743027848.png

 

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
✨ Certified Technical Architect  ||  ✨ 9x ServiceNow MVP  ||  ✨ ServiceNow Community Leader

View solution in original post

Go to solution
Randheer Singh
ServiceNow Employee
ServiceNow Employee

‎05-22-2025 12:41 AM

Hi @Mikhail8 ,
From a security best practice perspective, it is not recommended to have a single account for both UI logins as well as integrations. You can create another account for API integrations. MFA enforcement mandate does not impact API logins.

View solution in original post

2 REPLIES 2

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron

‎05-20-2025 05:10 AM

@Mikhail8 

why your agents are having the username and password for that API user? They should not have ideally.

If your user is for solely API then ensure you check this checkbox so that no one can login with that API  user on browser or from UI

Non-interactive sessions 

AnkurBawiskar_0-1747743027848.png

 

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
✨ Certified Technical Architect  ||  ✨ 9x ServiceNow MVP  ||  ✨ ServiceNow Community Leader

Go to solution
Randheer Singh
ServiceNow Employee
ServiceNow Employee

‎05-22-2025 12:41 AM

Hi @Mikhail8 ,
From a security best practice perspective, it is not recommended to have a single account for both UI logins as well as integrations. You can create another account for API integrations. MFA enforcement mandate does not impact API logins.