Check permissions and update credentials for tools — Workspace

  • Release version: Zurich
  • Updated March 12, 2026
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Check permissions and update credentials for tools — Workspace

    This feature in the DevOps Change Workspace allows ServiceNow customers to verify and update credentials for various connected tools to ensure they have the necessary permissions for seamless data discovery and import. This capability helps maintain integration integrity by confirming if existing credentials are sufficient or need higher-level permissions.

    Show full answer Show less

    Permission checks

    • Permission checks validate whether tool credentials have full, partial, or unchecked permissions.
    • Customers can initiate permission checks anytime from the tool details page under Tools in the DevOps Change Workspace.
    • Specific steps vary by tool, such as entering a GitHub app slug for GitHub OAuth credentials.
    • Note that SonarQube and Rally do not support permission checks.
    • If permissions are insufficient, customers should update credentials or adjust permissions on the external tool.

    Updating credentials

    • Credentials can be updated with those having adequate permissions directly from the tool details page.
    • Update options depend on the tool and credential type (Basic Auth or OAuth), including entering new passwords, access tokens, or OAuth credentials.
    • After updating, customers can run permission checks to confirm credential adequacy before finalizing updates.
    • Tools covered include Bitbucket, Azure DevOps, Jira, Jenkins, JFrog, GitLab, GitHub, GitHub Enterprise, Argo CD, SonarQube, and Rally.
    • Specific notes:
      • Azure DevOps requires Project Collection Administrator membership for some permissions.
      • OAuth 2.0 is not available for Jenkins and JFrog.
      • GitHub OAuth via GitHub app requires the app slug for permission checks.
      • Argo CD, SonarQube, and Rally do not support permission checks but allow credential updates.

    Practical impact for customers

    By regularly verifying and updating tool credentials, ServiceNow customers ensure uninterrupted integration with their DevOps tools, preventing data import issues caused by insufficient permissions. This process supports maintaining secure and effective connections across multiple third-party tools within the DevOps Change Workspace.

    You can perform permission checks and update credentials like passwords and access tokens for your tools from the tool details page.

    Permission checks

    You can perform permission checks on connected tools at any time, to verify if the existing credentials have the necessary permissions. This check helps to determine if there are possible impacts or if you must get a token or credential with higher-level permissions for the tool.
    Note:

    SonarQube and Rally doesn't have the option to check for permissions.

    1. From the DevOps Change Workspace, navigate to Tools and select the tool to open the details page.

      The Permission check result field shows whether the tool credentials have all the necessary permissions, have partial permissions, or if permissions haven't been checked. The Last Permission check field tells you when the permission checks were previously run.

    2. Click More Actions.
      • For Bitbucket, select Check password permissions.
      • For GitHub and GitHub Enterprise with OAuth credentials using the GitHub app, select Check credential permissions and then enter the GitHub app slug name. Click Check permissions.
      • For others, select Check credential permissions.

      You can see the status of the checks depending on your credential permissions. You need sufficient permissions on your credentials for seamless discovery and import.

    3. If permissions aren’t sufficient, it’s recommended to update the credentials with those having higher-level permissions, or update the permissions for the objects on the external tool.

    Update credentials

    You can update the tool credentials with credentials having sufficient permissions for seamless discovery and import of data from your tool.

    1. From the DevOps Change Workspace, navigate to Tools and select the tool to open the details page.
    2. Click More Actions. Depending on your tool, the options to update your credentials are displayed.
      Tool Steps
      Bitbucket
      1. Click Update password.
      2. Enter the user name and the new password.
      3. Click Check permissions.
      4. The permission check results are shown in the Permission check dialog box. If you are satisfied with the permissions for your tool, then update the credentials.
      Azure DevOps
      1. Click Update credentials.
      2. Select the Credential type.
        • If the credential type is Basic Auth, enter the new password or access token.
        • If the credential type is OAuth, enter the new credential.
      3. Click Check permissions.
      4. The permission check results are shown in the Permission check dialog box. If you’re satisfied with the permissions for your tool, then update the credentials.
        Note:
        Since the DevOps tool maps to an Azure DevOps organization, the Project Administrators privilege requires the owner of the PAT to be a member of the organization's Project Collection Administrators group.
      Jira, Jenkins, JFrog
      1. Click Update credentials.
      2. Select the Credential type.
        • If the credential type is Basic Auth, enter the new password or access token.
        • If the credential type is OAuth, enter the new credential.
        Note:
        OAuth 2.0 credentials are not available for Jenkins and JFrog.
      3. Click Check permissions.
      4. The permission check results are shown in the Permission check dialog box. If you’re satisfied with the permissions for your tool, then update the credentials.
      GitLab
      1. Click Update credentials.
      2. Select the Credential type.
        • If the credential type is Basic Auth, enter the new password or access token.
        • If the credential type is OAuth, enter the new credential.
      3. Click Check permissions.
      4. The permission check results are shown in the Permission check dialog box. If you’re satisfied with the permissions for your tool, then update the credentials.
      GitHub, GitHub Enterprise
      1. Click Update credentials.
      2. Select the Credential type.
        • If the credential type is Basic Auth, enter the user name and new password or access token.
        • If the credential type is OAuth using the GitHub app, enter the new credential. If you don't want to check for permissions, then click Update directly, and the credentials are updated.

          To check the permissions, you must enter the GitHub app slug name.

        • If the credential type is OAuth using the OAuth app (not the GitHub app) at GitHub end, enter the new credential.
      3. Click Check permissions.
      4. The permission check results are shown in the Permission check dialog box. If you're satisfied with the permissions for your tool, then update the credentials.
      Argo CD, SonarQube, Rally These tools don't check for permissions. To update credentials:
      1. Click Update credentials.
      2. Enter the user name and new password or access token.
      3. Click Update to update the credentials.

      Permission checks are run on the new credentials. Once permissions check is completed, you can proceed with updating the credentials. If you want to abort the update, click Cancel.