Hello Developers, I was reviewing the post titled "ServiceNow Password Policies – A Complete Guide for Admins".https://www.servicenow.com/community/platform-privacy-security-blog/everything-you-need-to-know-about-password-policies-in/ba-p/3538368 I w...
Hi everyone,I'm troubleshooting an issue where a user is receiving an HTTP 401 Unauthorized response when calling a ServiceNow Marketplace-related API through Postman using Bearer token authentication.The Authorization header appears to be configured...
Introduction ServiceNow has introduced an important security enhancement to help customers strengthen their cybersecurity posture by restricting insecure Basic Authentication API access for certain users. This change mainly impacts environments where...
Hi, I want to know the information about "ServiceNow Vault." I have searched the community and documentation about that but found nothing useful. If anyone has a meaningful reference to learn about this, it will be helpful. Thank you,
Started getting this banner appear after logging in to all 3 instances. After reviewing the Identified Users table, there are 2 "users" that we need assistance on. 1) System Administrator User - this is only used for and logged into the module to mo...
Hello Community, Is it possible to roll back a data privacy clone in a sub production instance? It looks like the job can be rolled back but the data doesn't actually change. Thanks,Heather
Just a couple questions on Data Privacy 1. Can you rollback anonymization at anytime after the job has completed (ie. 6 months later) or is it just immediately after job is run? 2. If you anonymize phone number, can you still click on the phone num...
Hi Community, What are some of the options to verify user's identity when they contact helpdesk to reset their MFA?
Hi all, Recently, ServiceNow placed a yellow banner at the top of our instances with Action Required: Review Basic Authentication Account Security. The first bullet point under Take Action is "Review the Identified Users table" (which goes to [sys_us...
Hi all, I am new to OAuth. For inbound integration, do we need to provide username and password to an external platform to retrieve access token and refresh token?I have seen videos on Youtube on OAuth tutorial in ServiceNow and it mostly shows how t...
We have a use case were we want certain users to be only able to use MFA by an authentication App whilst allowing other users to choose Email or authentication App. I have configured MFA to allow email for users for all users except those with the sp...
Is there a way users without roles can only see the service portal? They are redirected to /sp at login.We have users going to their profile then selecting "view identity center" which lets them into the platform. I don't want to just block the ident...
I am currently working on our Australian non-prod instance. I recently installed the High Security plugin to conduct an impact analysis before deploying it to Production instance. After measuring the impact, I attempted to roll back the plugin becaus...
Who can view a module when its roles field is empty? A. Users with no attached roles on the user record B. Users with the snc_internal role C. User roles with access to the application menu
Hi Community,I recently faced an issue where I enabled MFA on my PDI, but I lost access to the passkey, and the email account is not properly configured to receive verification codes.However, I also tried disabling MFA via API, but this approach did ...
