Instance scan findings

  • Release version: Zurich
  • Updated July 31, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Instance scan findings

    This document details the findings reported by the instance scan in the Zurich release (updated July 31, 2025). After completing a scan, ServiceNow customers can review these findings on the Scan Result form within the Scan Findings related list. The scan identifies configuration issues primarily related to connections, credentials, OAuth settings, and calendar synchronization setup.

    Show full answer Show less

    Key Findings

    • Missing or incorrectly configured connection and credential aliases, including cases where expected child aliases are not properly linked.
    • Issues with the number of connections or connection attributes found for a specified alias (either multiple or none).
    • Incorrect Connection URL configurations within connection and credential aliases.
    • OAuth-related problems such as mismatched OAuth providers, scopes, grant types, expired OAuth tokens, and invalid URLs associated with Application Registries.
    • Lack of associated OAuth Entity Profiles or credentials with connections, or presence of inactive or invalid credential records.
    • Requirements for Authorization Code grant types to have Strict mode enabled with a valid Strict mode email.
    • Calendar synchronization issues, such as inactive calendar providers, missing or mismatched emails in Rsv Sync configurations, multiple subscriptions linked to a resource, expired or invalid subscriptions, or absence of subscriptions.

    Practical Implications for ServiceNow Customers

    These findings help customers identify misconfigurations that could disrupt integrations, especially with Microsoft Exchange Online services and OAuth authentication flows. Addressing these issues ensures secure, reliable connections and proper calendar synchronization.

    Customers should use the scan findings to validate their connection aliases, OAuth provider settings, credential associations, and calendar sync configurations. Correcting these items will prevent authentication failures, expired tokens, and synchronization errors.

    Next Steps

    To resolve identified issues, customers are advised to consult the following ServiceNow resources:

    • Microsoft Exchange Online - Calendar synchronization documentation
    • Synchronization - Prerequisites and implementation guides

    Following these resources will guide customers through prerequisite setups and implementation best practices to fix scan findings effectively.

    After the instance scan completes, on the Scan Result form, review the findings in the Scan Findings related list.

    Scan findings

    The following findings are reported in the scan report:
    • Could not find the sn_ex_online_spke.Microsoft_Exchange_Online Connection and credential alias.
    • The Connection & credential alias specified in the Override alias is not a child alias to the sn_ex_online_spke.Microsoft_Exchange_Online Connection and credential alias.
    • There are multiple/no connections associated with the ' + selectedAlias.getValue('name') + ' Connection and credential alias.
    • There are multiple/no connection attributes associated with ' + selectedAlias.getValue('name') + ' Connection and credential alias.
    • Incorrect 'Connection URL' specified in the " + selectedAlias.getValue('name') + " Connection and credential alias."
    • OAuth provider associated with the OAuth Entity Scope - ' + scope + ' is not same as the one associated with OAuth Entity Profile of this scope.
    • The OAuth Scope - ' + scopesExpected[i] + ' must be associated with the grant type ' + grantType + '.
    • The Default grant type of the OAuth provider must be same as the Grant type of the OAuth Entity Profile.'
    • OAuth Token has expired.
    • Please generate an OAuth Token.
    • Invalid token URL associated with Application Registry - ' + applicationRegistryGr.getValue('name') + '.
    • Invalid authorization URL associated with Application Registry - ' + applicationRegistryGr.getValue('name') + '.
    • Invalid redirect URL associated with Application Registry - ' + applicationRegistryGr.getValue('name') + '.
    • There is no OAuth Entity Profile associated with the credential - ' + credentialGr.getValue('name') + '.
    • There is no credential associated with the connection - ' + connectionGr.getValue('name') + '.
    • There is no active credential associated with the connection - ' + connectionGr.getValue('name') + '.
    • Invalid Credential record associated with connection - ' + connectionGr.getValue('name') + '.
    • If the grant type of the connection (linked with provider) is set as Authorization Code, the provider must have Strict mode enabled with a valid Strict mode email.
    • Synchronization is not configured - could not find an active provider.
    • There are multiple subscriptions associated with this resource.
    • Calendar provider associated with this Rsv Sync Configuration is inactive.
    • Could not find an email with this Rsv Sync configuration.
    • The Rsv Sync configuration email must be same as the email specified in the 'Email' field of the location record.
    • The same email is associated with a different Rsv sync configuration.
    • The Subscription has expired.
    • The Subscription status is ' + status + '.
    • Invalid Subscription.
    • Could not find a subscription for this Rsv Sync Configuration.
    To fix a finding, refer to the following: