Identity Management

Users of a ServiceNow instance require an identity within the database, regardless of authentication mechanism. This helps support a variety of capabilities within the cloud service, including role‑based access and transaction/configuration item (CI) association.

To facilitate this, your instances support both manual creation of user identities as well as automated mechanisms like Active Directory, LDAP, and external identity providers (IDPs). The instance synchronizes users, their group memberships, and the group objects themselves. You can incorporate as few or as many user attributes as you deem necessary, although passwords cannot be synchronized.

Customers may also use the ServiceNow Management, Instrumentation, and Discovery (MID) server component for LDAP synchronization. The MID server can be installed inside your internal network to access your directory servers. This eliminates the need to allow the ServiceNow instances through your perimeter and firewall for server access.

For additional information on our identity management capabilities, please refer to