Basic trust configuration for data sync applications

  • Release version: Australia
  • Updated March 12, 2026
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Basic Trust Configuration for Data Sync Applications

    The Basic Trust Configuration for data sync applications in ServiceNow allows for controlled data visibility across instances within a customer's account. This configuration is crucial for managing data sharing securely between production and non-production instances.

    Show full answer Show less

    Key Features

    • Data visibility is governed by instance-specific trust configurations for each application.
    • Default settings allow non-production instances to share data with production instances only, while production instances do not share data with others.
    • Administrators can modify these settings based on business requirements, but changes reset to default if instance statuses change (production to non-production or vice versa).
    • The Grant access column indicates whether the instance you're logged into has granted access to another instance, while the Is granting access column reflects the reverse situation.

    Key Outcomes

    By configuring trust settings, customers can effectively manage data sharing across their ServiceNow instances. This ensures that only authorized instances have access to specific application data, enhancing security and compliance.

    For instance, an admin can easily revoke or grant access between instances as needed, depending on operational requirements, by updating the Grant access column while logged into the respective instance.

    Certain ServiceNow applications have the ability to provide data visibility across instances within a customer’s account.

    Data visibility is protected by a trust configuration per instance, per application. You can configure the data sharing for production and non-production instances for the applicable applications by navigating to All > Multi-Instance Management > Trust Configuration.

    Note:

    By default, non-production instances allow application data sharing with production only. Production instances do not allow application data sharing with any other instance. However, these can be updated by the admin for each instance based on business needs.

    If you demote a production instance to non-production, or promote a non-production instance to production, all previous customizations to data sharing settings are reset to the default configuration.

    The Grant access column indicates the permission granted by the instance that you’re currently logged in to for the instance named in the same row’s instance column. The Is granting access column displays whether or not the instance mentioned in the Instance column has granted access to the instance you’re currently logged in to; it can’t be edited.

    The following are some examples for data sharing restrictions between instances.

    Logged in to Prod1

    In the following example, you’re logged in to Prod1. Prod1 has granted access to the instance Prod2 for the application Subscription Management, as indicated by the True value in the Grant access column.

    Prod2 hasn’t granted access to Prod1, as indicated by the False value in the Is granting access column.

    The configurations in the MIF table.

    To revoke access for the Subscription Management app from Prod1 to Prod2, update the value in the Grant access column to False while logged in to Prod1.

    Logged in to Prod2

    In the following example, you’re logged in to Prod2. Prod1 has granted access to the instance Prod2 for the application Subscription Management, as indicated by the True value in the Is granting access column.

    Prod2 hasn’t granted access to Prod1, as indicated by the False value in the Grant access column.

    The configurations in the MIF table.

    To grant access from Prod2 to Prod1 for the Subscription Management application, update the value in the Grant access column to True while logged in to Prod2.

    Logged in to Sub-prod2

    In the following example, you’re logged in to Sub-prod2. Prod1 hasn’t granted access to the instance Sub-prod2 for the application Subscription Management, as indicated by the False value in the Is granting access column.

    Sub-prod2 has granted access to Prod1, as indicated by the True value in the Grant access column.

    The configurations in the MIF table.

    To revoke access from Sub-prod2 to Prod1 for the Subscription Management application, update the value in the Grant access column to True while logged in to Sub-prod2.

    Logged in to Sub-prod3

    In the following example, you’re logged in to Sub-prod3. Sub-prod4 has granted access to the instance Sub-prod3 for the application Subscription Management, as indicated by the True value in the Is granting access column. Sub-prod3 has also granted access to Sub-prod4, as indicated by the True value in the Grant access column.

    The configurations in the MIF table.