Security On Now
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- ServiceNow Community
- Connect
- Security On Now
Options
Browse the Community
Security On Now blog
0 PostsOptions
Activity in Security On Now
Infected Download Allowed
Hello I just wanted to ask if there's a way to test this property? I mean if there's a OOTB file to test this property? if it was set to true? the property is com.glide.snap.infected_download_allowed
- Question
Trusted mobile devices
Does a trusted mobile device registered by a user ever expire?We are currently experiencing behavior that appears to indicate the trusted mobile device is expiring or becoming invalid after a period of time. However, we have not been able to identify...
- Question
Procedure for Applying Custom Branding for Email-Type MSI Status Report Templates
Hello, In the MSI Status Report configuration, we notice that several out-of-the-box (OOTB) templates are available. For templates where the report type is set to “Email,” the system automatically applies a default header and footer image. When creat...
- Question
How to disable Yokohama MFA enforcement if you have SSO enabled already
Hi, I need your help here. Company ABC already has MFA and SSO enabled, and documentation says "Beginning in Yokohama, ServiceNow is going to begin enforcing MFA by default for any internal local logins, meaning any login that is not through a Sing...
- Question
getting Invalid redirect_uri when I set up Copilot Connector
I created new Application Registry with client id and client secret, however, I use "https://dev217112.service-now.com/oauth_redirect.do" for my redirect URL. what the correct URL should I use in SNOW configuration.
- Question
Cross-scope glide.record.legacy_cross_scope_access_policy_in_script
Hi, I have spent several hours on this already and I cannot find a solutionI recently set glide.record.legacy_cross_scope_access_policy_in_script=false and it broke my BR running in sn_si. The BR is creating a Draft Email. I am getting an error:Acc...
- Question
Doing Security Assessment and Authorizations for ServiceNow PAAS and Apps
will be doing Security SAAs on PAAS and Apps if anyone has gone through the process and built out evidence that is common and sharable I would love to hear more about it and connect. Thanks
- Question
Instance security settings
Hi everyone,I'm looking for a comprehensive document that outlines every security setting an instance should have—from email architecture to encryption and beyond. Does anyone know of a resource that covers all these aspects? I've already went throug...
- Question
Resolved! Password Expiration every 90 days
Hello everyone!I'm trying to set up password expiration for local accounts every 90 days.I found the "Password Expiration Configuration" section on the Password Reset Process I'm using, but to do that, I need a flow for the Password Reset Credential ...
- Question
Is it possible to authenticate users using an external API instead of Active Directory integration?
Hello community,We have a requirement where, if a user is already logged in to another application, they should not have to log in again when redirected to the ServiceNow Virtual Agent or Customer Portal. Instead, ServiceNow should recognize the sess...
- Question
Resolved! Security related questionnaire
For the questions below, I was requested to provide comments which will help explaining the policy or details about question. Kindly help. Asset Management [D.14] In the event of a subpoena or forensics incident, is specific data able to be put on L...
- Question
New ServiceNow Security ACL Updates
There was an update in ServiceNow where they added 23k new ACLs in our instance for query_range. I noticed when they update a table, they don't update all the fields and it broke our reports. For example, our Group table's ACLs were updated and it ad...
- Question
How can non-admin users call REST Message with OAuth2.0?
Hi,I have been asked to use GlideRecordSecure instead of GlideRecord in scripted REST APIs by the ServiceNow Application certification team. All my scripted REST APIs use oAuth2.0 authentication with grant type as 'client_credentials'.For non-admin ...
- Question
Resolved! What is the best way to detect password stored in text fields?
I was looking for options, what is the best way to detect if someone ingested sensitive information (password to be very specific) into free text fields? (Like adding user-pwd combo into a Work notes of an incident) I found Data Privacy plugin, but ...
- Question
Email OTP MFA Using a Mobile Device
I am playing with enabling Email OTP as the only MFA method for 'new hires' who utilise a local user account until they become an employee and then use SSO from their corporate account. While I have been able to setup the Email OTP MFA Context, the u...
- Question
Getting started
We want your journey here to be as great as can be, so we have put together some links to help you get quickly familiarized with the Community.
Unanswered questions
| Subject | Author | Posted |
|---|---|---|
| 02-23-2026 11:48 PM | ||
| 11-05-2025 06:39 AM | ||
| 08-06-2025 08:02 AM | ||
| 08-04-2025 09:25 AM | ||
| 05-06-2025 04:58 AM |
