SAP credentials

  • Release version: Yokohama
  • Updated January 30, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of SAP credentials

    SAP credentials in ServiceNow manage access to SAP JCo systems and are used primarily for Discovery and Orchestration processes. This credential type allows you to securely authenticate and connect to SAP systems, enabling automated discovery and workflow orchestration activities.

    Show full answer Show less

    Key Features

    • Name and Activation: Assign a unique and descriptive name to each credential and enable or disable it as needed.
    • User Name and Password: Enter the user name (without leading or trailing spaces) and password for the credential. For CIM discovery, the user must have the admin role.
    • Credential ID and External Credential Store: If using external credential storage (such as CyberArk), enable the external credential store option. This replaces user name and password fields with a Credential ID, which links to the external system. The Credential ID has a 40-character limit.
    • Credential Alias: Allows assignment of individual credentials to specific activities or occurrences in Orchestration workflows. Also supports specifying the CI type table name for discovering CIs outside the default scope.
    • Applies to and MID Servers: Credentials can be applied to all MID Servers or specific MID Servers. When specifying specific servers, credentials are only visible to those servers. Note that specific MID servers are not supported in Orchestration activities.
    • Order: Defines the sequence in which Discovery attempts to use multiple credentials for logon. Lower numbers indicate higher priority, helping manage login attempts and avoid lockouts after failed tries.
    • Windows MID Server Service Account: When active, the credential represents the MID Server service account.

    Practical Benefits for ServiceNow Customers

    • Enables secure integration with SAP systems for discovery and orchestration automation.
    • Supports both native and external credential management, enhancing security through tools like CyberArk.
    • Provides flexible credential assignment to optimize discovery and workflow execution across multiple MID Servers.
    • Helps prevent login failures and security lockouts by managing credential usage order.

    The SAP credential type manages access to SAP JCo systems. This credential type is available for Discovery and Orchestration.

    These fields are available in the Credentials form for SAP type credentials.
    Field Description

    Name

    Enter a unique and descriptive name for this credential.

    Active

    		Enable or disable these credentials for use.

    User name

    		Enter the user name to create in the Credentials table. Avoid leading or trailing spaces in user names. A warning appears if the platform detects leading or trailing spaces in the user name. For CIM discovery, the user must have the admin role.
    Password Enter the password.
    Credential ID Enter the unique key configured for external credentials in the JAR file uploaded to the MID Server for an external credential system. The Credential ID field has a limit of 40 characters.

    This field is only visible when the External credential store check box is selected.
    Credential alias Allow workflow creators to assign individual credentials to any activity in an Orchestration workflow or assign different credentials to each occurrence of the same activity type in an Orchestration workflow.

    To use the credential for discovering CIs not belonging to this CI type using Service Mapping and Discovery patterns, enter the table name for the CI type to which the CI belongs, for example cmdb_ci_apache_web_server.
    External credential store Select this check box to use an external credential storage system. When you select this option the User name and Password fields are replaced with the Credential ID field. External credential storage is only available when the External Credential Storage plugin in activated.
    Note:
    Currently, the only supported external storage system is CyberArk.
    Applies to

    Select whether to apply these credentials to All MID servers in your network, or to one or more Specific MID servers. Specify the MID Servers that should use these credentials in the MID servers field.
    MID servers Select one or more MID Servers from the list of available MID Servers. The credentials configured in this record are available to the MID Servers in this list. This field is available only when you select Specific MID servers from the Applies to field.
    Note:
    Selecting Specific Specific MID servers doesn’t affect mid server selection. It’s used only to decide which mid servers should have visibility to the credential. Specific MID servers isn’t supported in Orchestration activities.
    Order

    Order (sequence) in which Discovery tries this credential as it attempts to log on to devices. The smaller the number, the higher in the list this credential appears. Establish credential order when using large numbers of credentials or when security locks out users after three failed login attempts. If all the credentials have the same order number (or none), the instance tries the credentials in a random order.

    Windows MID Server Service Account

    When active, the defined credential represents the MID Server service account.