- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-20-2025 05:06 AM
This KB didn't answer my question:
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1700938
We have a system user to generate incidents via rest API, but also some agents use the user to log in to ServiceNow in a Web Browser.
Are Rest API going to work for internal users with basic auth?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-20-2025 05:10 AM
why your agents are having the username and password for that API user? They should not have ideally.
If your user is for solely API then ensure you check this checkbox so that no one can login with that API user on browser or from UI
If my response helped please mark it correct and close the thread so that it benefits future readers.
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-22-2025 12:41 AM
Hi @Mikhail8 ,
From a security best practice perspective, it is not recommended to have a single account for both UI logins as well as integrations. You can create another account for API integrations. MFA enforcement mandate does not impact API logins.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-20-2025 05:10 AM
why your agents are having the username and password for that API user? They should not have ideally.
If your user is for solely API then ensure you check this checkbox so that no one can login with that API user on browser or from UI
If my response helped please mark it correct and close the thread so that it benefits future readers.
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-22-2025 12:41 AM
Hi @Mikhail8 ,
From a security best practice perspective, it is not recommended to have a single account for both UI logins as well as integrations. You can create another account for API integrations. MFA enforcement mandate does not impact API logins.