Create IP Filter Criteria

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • Define which IP addresses or IP ranges are permitted to connect to your ServiceNow instance via the SQL API ODBC/JDBC driver. By default, all incoming IPs are blocked until you configure the SQL API Authentication Policy with an IP filter and policy condition to allow access only from trusted client machines.

    Before you begin

    Role required: admin

    • You have consulted your network team to identify the IP address range for your ODBC/JDBC client machines.
    • You have completed the previous configuration steps: creating a Service Account and configuring Access Control Lists (ACLs).

    About this task

    This is the third and final configuration procedure for enabling SQL API access on your ServiceNow instance. After completing this task, your Service Account will be able to connect to ServiceNow via ODBC or JDBC from the specified IP addresses and query the tables for which access has been granted.

    By default, all incoming IP addresses are blocked for SQL API connections. You must explicitly define which IP addresses or IP ranges are permitted to connect. This ensures that only trusted client machines can access your ServiceNow data through the SQL API.

    Note:
    For additional details on IP filtering, refer to the IP filter documentation in the ServiceNow Platform Security guide.

    Procedure

    1. Navigate to the SQL API Authentication Policy configuration.
      Access the policy settings where you will define IP-based access restrictions for SQL API connections.
    2. Create a new IP filter condition.
      Define the specific IP addresses or IP address ranges that should be allowed to connect to your ServiceNow instance via the SQL API drivers.
    3. Specify the trusted client machine IP addresses.
      Enter the IP addresses or IP ranges for your ODBC/JDBC client machines. These are the machines from which BI tools and analytics platforms will connect to ServiceNow.
    4. Save the IP filter configuration.
      The new policy condition will take effect immediately, allowing connections only from the specified IP addresses while blocking all others.

    Result

    You have successfully configured IP filtering for SQL API access. Your ServiceNow instance will now accept SQL API connections only from the specified IP addresses or IP ranges. All other connection attempts will be blocked by default.

    Your Service Account can now connect to ServiceNow via ODBC or JDBC from the permitted client machines and query the tables for which both egress_sql and read ACLs have been configured.