Specify requirement for signed SOAP requests

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • Use a SOAP security policy to specify whether the instance requires signed SOAP requests for all inbound SOAP traffic.

    Before you begin

    Role required: web_service_admin or admin

    About this task

    By default, all inbound SOAP traffic must be signed. Administrators may want to disable this policy and allow unsigned SOAP requests to ServiceNow web services.

    Procedure

    1. Navigate to All > System Web Services > SOAP Security Policies.
    2. Select the Default Policy.
    3. Clear the Required to Sign SOAP Request check box (selected by default) to disable the requirement.
    4. Click Update.