MFA Enforcement in the Upcoming Yokohama Release question

Mikhail8
Tera Contributor

This KB didn't answer my question:
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1700938

We have a system user to generate incidents via rest API, but also some agents use the user to log in to ServiceNow in a Web Browser.

Are Rest API going to work for internal users with basic auth?

2 ACCEPTED SOLUTIONS

Ankur Bawiskar
Tera Patron
Tera Patron

@Mikhail8 

why your agents are having the username and password for that API user? They should not have ideally.

If your user is for solely API then ensure you check this checkbox so that no one can login with that API  user on browser or from UI

Non-interactive sessions 

AnkurBawiskar_0-1747743027848.png

 

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
✨ Certified Technical Architect  ||  ✨ 9x ServiceNow MVP  ||  ✨ ServiceNow Community Leader

View solution in original post

Randheer Singh
ServiceNow Employee
ServiceNow Employee

Hi @Mikhail8 ,
From a security best practice perspective, it is not recommended to have a single account for both UI logins as well as integrations. You can create another account for API integrations. MFA enforcement mandate does not impact API logins.

View solution in original post

2 REPLIES 2

Ankur Bawiskar
Tera Patron
Tera Patron

@Mikhail8 

why your agents are having the username and password for that API user? They should not have ideally.

If your user is for solely API then ensure you check this checkbox so that no one can login with that API  user on browser or from UI

Non-interactive sessions 

AnkurBawiskar_0-1747743027848.png

 

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
✨ Certified Technical Architect  ||  ✨ 9x ServiceNow MVP  ||  ✨ ServiceNow Community Leader

Randheer Singh
ServiceNow Employee
ServiceNow Employee

Hi @Mikhail8 ,
From a security best practice perspective, it is not recommended to have a single account for both UI logins as well as integrations. You can create another account for API integrations. MFA enforcement mandate does not impact API logins.