Customize password reset processes and integrate third-party credential services

  • Release version: Washington DC
  • Updated February 1, 2024
    To customize password reset processes or to integrate them with third-party credential services such as Okta or Microsoft Entra ID, use Integration Hub capabilities. Use Action Designer to create or modify actions like user unlock, change password, and get user status. Use Flow Designer to create or modify subflows that perform the actions.

    Before you begin

    Role required: admin, password_reset_admin, or password_reset_credential_manager

    About this task

    • The base system provides actions, subflows, and credential store types for the "Local ServiceNow Instance" identity provider.
    • For Microsoft Active Directory, the subflows are available when you activate the Microsoft AD Spoke for Password Reset app.
    • To use any other identity provider such as Okta, you must use Integration Hub to create the required actions, subflows, and custom credential store types.
    • For Microsoft Entra ID, the subflows are available when you activate the Microsoft Entra ID Integration for Password Reset app.

    Procedure

    1. Use Action Designer to create password reset actions like user unlock, change password, and get user status.
      For more information about Action Designer, see Action Designer.
    2. Use Flow Designer to create the following subflows.

      Use the specified names, inputs, and outputs for the subflows. For more information about the subflows, see Subflows.

      | Subflow name | Input | Input type | Output | Output type |
      |---|---|---|---|---|
      | <Provider Name> Password Unlock | Password Reset Request | Record.Password Reset Request | Error Message | String |
      | | | | Status | Choice |
      | <Provider Name> Password Reset | Password | Password (2 Way Encrypted) | Status | Choice |
      | | Password Reset Request | Record.Password Reset Request | Error Message | String |
      | <Provider Name> Password Change | Password Reset Request | Record.Password Reset Request | Status | Choice |
      | | Current Password | Password (2 Way Encrypted). Note: Name under Advanced options is old_password. | Error Message | String |
      | | New Password | Password (2 Way Encrypted). Note: Name under Advanced options is new_password. | | |
      | <Provider Name> Password Lock State | Password Reset Request | Record.Password Reset Request | Error Message | String |
      | | | | Locked | Choice |
      | | | | Status | Choice |
      | <Provider Name> Password Connection Test | Not Applicable | Not Applicable | Error Message | String |
      | | | | Status | Choice |
    3. For third-party providers, create a credential store type.
      1. Select the Use Flow check box.
      2. Select the password reset subflows that you created for the provider.
      See Password Reset application for more information.
    4. Create a password reset credential store.
    5. Create a password reset process.
    6. Select the credential store type created for the provider.

    Result

    The password reset mechanism for the required third-party application is set up.
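
Before selecting custom subflows in the credential store type, their names, inputs, and outputs can be checked against the table in step 2. The following is an added example, not ServiceNow code: the `{name, inputs, outputs}` descriptor shape, the function names, and the "Okta" sample are assumptions for illustration, and the check flags missing subflows and fields whose type differs from the table, such as a password input declared as String instead of Password (2 Way Encrypted).

```javascript
// Lints custom subflow definitions against the table in step 2.
// The descriptor shape {name, inputs, outputs} is an assumption, not a ServiceNow export format.
const REQ = "Record.Password Reset Request";
const PW = "Password (2 Way Encrypted)";
const OUT = { "Error Message": "String", Status: "Choice" };

// Required interface per subflow, keyed by the name suffix after <Provider Name>.
const CONTRACT = {
  "Password Unlock": { inputs: { "Password Reset Request": REQ }, outputs: OUT },
  "Password Reset": { inputs: { Password: PW, "Password Reset Request": REQ }, outputs: OUT },
  "Password Change": { outputs: OUT,
    inputs: { "Password Reset Request": REQ, "Current Password": PW, "New Password": PW } },
  "Password Lock State": { inputs: { "Password Reset Request": REQ }, outputs: { ...OUT, Locked: "Choice" } },
  "Password Connection Test": { inputs: {}, outputs: OUT },
};

// Record every required field that is absent or declared with the wrong type.
function compare(kind, want, got, problems) {
  for (const [field, type] of Object.entries(want)) {
    if (!(field in got)) problems.push(`missing ${kind} "${field}"`);
    else if (got[field] !== type) problems.push(`${kind} "${field}" is ${got[field]}, expected ${type}`);
  }
}

// Returns { subflowName: [problems] } for each subflow that breaks the contract.
function checkProvider(provider, subflows) {
  const report = {};
  for (const [suffix, spec] of Object.entries(CONTRACT)) {
    const name = `${provider} ${suffix}`;
    const flow = subflows.find((s) => s.name === name);
    const problems = [];
    if (!flow) problems.push("subflow not found under the required name");
    else {
      compare("input", spec.inputs, flow.inputs || {}, problems);
      compare("output", spec.outputs, flow.outputs || {}, problems);
    }
    if (problems.length) report[name] = problems;
  }
  return report;
}

// Constructed sample for a hypothetical "Okta" provider: the reset password input
// is typed String instead of the encrypted type, and the connection test is missing.
const sample = [
  { name: "Okta Password Unlock", ...CONTRACT["Password Unlock"] },
  { name: "Okta Password Reset", inputs: { Password: "String", "Password Reset Request": REQ }, outputs: OUT },
  { name: "Okta Password Change", ...CONTRACT["Password Change"] },
  { name: "Okta Password Lock State", ...CONTRACT["Password Lock State"] },
];
console.log(checkProvider("Okta", sample));
```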