Working on a project to map out the most common security gapsin ServiceNow instances. From what I've seen across audits:• ACLs that silently fail open• REST API endpoints exposed without proper auth• System properties left in debug/insecure defaults•...
I am going to show you what exactly the difference between getMessage and new GwtMessage().getMessage().getMessage() and new GwtMessage().getMessage() both we use in client side to show the sys ui message. but there is some difference.getMessage is o...
Hi ! I'm actually trying to set up connecting users through an OIDC Identity provider.Here's where I am : - I've configured the identity provider record through a well known configuration url- I've configured the OIDC Provider configuration like belo...
When creating a data discovery job with a scan type of "Full", we are running into 2 issues. 1. When running a scan on a single table, the scan is not covering all records on the table. It will run a small number, 3 or 4.2. When running larger jobs w...
I am creating OAuth API endpoints for external clients, specifically for infosec scanning and logging tools like Splunk or Palo Alto SSPM or Valence. I want to I grant the respective service accounts both admin and snc_read_only roles. However I t...
Hello!I have a scheduled background script that updates the incident.description HTML field.Now I've read about ServiceNow scripting governance tool and I have added the admin user and all required users the snc_required_script_writer_permission role...
We have currently set up 3 IdPs (no default) on our instance. Currently, people SSO'ing to our instance have to use a special link (SSO ID), causing issues. Hitting base url always redirects to login.do, since there's no default set.Another option is...
We recently bulk loaded comments on around 10000+ cases. Unfortunately the work notes as well got loaded as comments and now internal work notes are visible to the customer through portal. We are trying to delete all comments now. We removed the entr...
Overview:When a new user account is created in ServiceNow, it is often necessary to allow the user to set their password securely for the first time.Instead of manually assigning passwords or asking administrators to reset them, we can automatically ...
How can I force a user to use a different SSO IDP for a portal if they are already authenticated with another SSO IDP within the instance? We use 2 SSO IDP for our instance.Some users have the option of using both.However, for some of our portals or ...
Hi Community,I have a question regarding database migration and cloning in ServiceNow.Suppose a source instance has already been migrated by ServiceNow from MariaDB to RaptorDB, while the target instance is still running on MariaDB.If we perform a cl...
Hello A very small number of users logged in by SSO into SN are logged out directly.Hint: SSO Debug is enabled.I have done a Test with PDI and SSO Circle:- using "email" as "user_field" to identify the SSO user in SNTest 1.- add my SSO Circle User em...
Hi Community,We have a Business Rule that creates incidents based on incoming alerts from an external monitoring tool. It includes a Wait Rule - when the wait completes, a scheduled workflow runs as the system user and executes a post processing scri...
Hi, Have been asked to review how we grant, manage and monitor privileged access in ServiceNow. At this stage we are defining privileged access to users with admin and security_admin roles. This may change to include some of the sub-admin roles. I ...
I need to create an ACL on core_comapny table but only NAME and CITY field shds be visible visible to the user. How can we achieve this with snc_internal role? I do not have any read acl on snc_internal role for core_company table.Thank youSunil.
