Connect MCP clients to your ServiceNow MCP Server with CIMD

Randheer Singh

If you've stood up an MCP server with MCP Server Console, you know the last mile is connecting a client to it over OAuth. Traditionally that means creating an OAuth inbound integration and handing the client a client ID and secret. Client ID Metadata Documents (CIMD) make that step much lighter: the client identifies itself with a single HTTPS URL that points to a small JSON file describing it, and you register it in a few clicks by pointing your instance at that URL.

CIMD is available from the Zurich Patch 7 and Australia Patch 1 releases onward. In this walkthrough we'll connect Visual Studio Code to a ServiceNow MCP server end to end.

What you'll need

An instance on Zurich Patch 7 / Australia Patch 1 or later, with MCP Server Console available.
At least one MCP server (or the preconfigured Quickstart Server). Creating a server needs the sn_mcp_server.admin (or admin) role.
Permission to register OAuth clients (oauth_admin, mi_admin, or admin).
An MCP client that publishes a CIMD document. VS Code does.

Step 1 — Find your MCP server URL

In MCP Server Console, open your server and copy its Server URL. It looks like:

https://<your-instance>.service-now.com/sncapps/mcp-server/mcp/<server-name>

If you're using the Quickstart Server, the server name is sn_mcp_server_default.

Step 2 — Understand the client's CIMD document

With CIMD, the client hosts a JSON file at an HTTPS URL, and that URL is the client's client_id. You don't create or host this file — the client owns it. VS Code publishes its document here:

https://vscode.dev/oauth/client-metadata.json

Open it in a browser and you'll see something like this:

{
  "client_id": "https://vscode.dev/oauth/client-metadata.json",
  "client_name": "Visual Studio Code",
  "client_uri": "https://vscode.dev/product",
  "logo_uri": "https://code.visualstudio.com/assets/branding/code-stable.png",
  "redirect_uris": ["http://127.0.0.1:33418/", "https://vscode.dev/redirect"],
  "grant_types": ["authorization_code", "refresh_token", "urn:ietf:params:oauth:grant-type:device_code"],
  "response_types": ["code"],
  "token_endpoint_auth_method": "none",
  "application_type": "native"
}

A few things worth noticing as a developer:

client_id matches the document's own URL — that binding is what your instance validates.
token_endpoint_auth_method is none, so this is a public client. ServiceNow registers CIMD clients as public clients and secures the flow with PKCE.
response_types is code — the authorization code flow.
redirect_uris includes a loopback address (127.0.0.1), which is typical for a desktop client.

Step 3 — Register the CIMD client in ServiceNow

Navigate to All > System OAuth > CIMD Clients, then select New.

You can also start from Application Registry > New and choose Configure a Client ID Metadata Document (CIMD) client on the "What kind of OAuth application?" screen.

1_CIMD List view.png

1_CIMD Inteceptor view.png

In the Add a CIMD OAuth Client dialog, paste the client's CIMD metadata URL and select Fetch Metadata. If you'd rather enter everything by hand, choose Enter the details instead.

https://vscode.dev/oauth/client-metadata.json

3_CIMD new pop up.png

ServiceNow fetches the document and shows the retrieved values for review — Client Name, Redirect URIs, Response Types, Client URI, and Logo URI. Pick a Metadata Sync Mode:

Live — for fully trusted clients. ServiceNow automatically fetches the latest configuration from the client's metadata.
Static — for pre-approved clients. ServiceNow pins the configuration captured during onboarding and makes no automatic updates later.

Select Create to save the client. The Client ID is set automatically from the metadata URL.

4_CIMD fetched Metadata in pop up.png

That's the whole registration. Note that registration is required — a client that hasn't been registered can't connect.

5_CIMD saved CIMD record.png

Step 4 — Connect VS Code to your MCP server

Add your ServiceNow MCP server in VS Code using the Server URL from Step 1. VS Code connects with the OAuth authorization code flow and PKCE, presenting its CIMD URL as the client_id. When prompted, sign in to your instance and approve access.

The exact UI for adding an MCP server varies by client, so follow your client's documentation for where to enter the server URL and start the connection.

Step 5 — Test the connection

Once the client authenticates, it receives the list of tools your server exposes. Try a prompt that maps to one of those tools — for example, with the Quickstart Server's incident tools, ask it to summarize recently closed incidents.

Wrapping up

CIMD turns client onboarding into a paste-a-URL, click-Create step, while keeping you in control — every CIMD client is registered by an admin, runs as a public client with PKCE, and can be switched between Live and Static syncing. It's a clean way to bring MCP clients onto your ServiceNow MCP server without juggling client secrets.

Have you connected an MCP client this way? Share your setup and questions in the comments.

Connect MCP clients to your ServiceNow MCP Server with CIMD

What you'll need

Step 1 — Find your MCP server URL

Step 2 — Understand the client's CIMD document

Step 3 — Register the CIMD client in ServiceNow

Step 4 — Connect VS Code to your MCP server

Step 5 — Test the connection

Wrapping up

Eliminating Basic Auth Across All Inbound Surfaces: REST APIs, SOAP & Processors (Part 3)

Granular Admin Roles in Australia: Precise access control for a platform that's moving fast

Scripting Governance Tool: What changed in Zurich.