MID Server Governance

  • Release version: Australia
  • Updated March 12, 2026
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of MID Server Governance

    MID Server Governance enhances the security of MID Servers by automatically invalidating and shutting down inactive MID Servers connected to ServiceNow instances. This feature prevents forgotten or idle MID Servers from being exploited if the instance is compromised. It maintains a record of the last validation or invalidation status of each MID Server. MID Server Governance is included in the MID Server plugin but is not enabled by default.

    Show full answer Show less

    Enable and Configure MID Server Governance

    To activate MID Server Governance for all MID Servers, set the system property mid.inactivity.timeout.enabled to true. The inactivity timeout period is controlled globally by the integer system property mid.inactivity.timeout.days, which defines the number of days before a MID Server is considered inactive and invalidated. If this property is not specified, the default timeout is 30 days.

    Timeout settings can be customized per MID Server by adding a configuration parameter mid.inactivity.timeout.days with a specific value. Setting this value to 0 disables governance for that MID Server. Changes to these settings do not require restarting the MID Server.

    Activity Tracking and Auto-Invalidation

    The MID Server tracks activity by monitoring incoming and outgoing ECC queue messages and reports activity status hourly to the ServiceNow instance. If inactivity exceeds the configured timeout, the MID Server is invalidated and automatically shut down. If the MID Server is offline when the timeout is reached, a job on the instance invalidates it accordingly.

    Users receive warning messages on the MID Server page as the inactivity timeout approaches:

    • Info messages when 3 to 7 days remain.
    • Error messages when less than 3 days remain.
    • Error messages indicate the date after auto-invalidation occurs.

    Clearing Auto-Invalidated Status

    After a MID Server is auto-invalidated, its status must be manually cleared using the Clear auto invalidated UI action on the MID Server instance page before restarting. Restarting without clearing the status causes immediate shutdown and logs a MID issue.

    Purpose Field

    The Purpose field allows customers to enter a descriptive note about the MID Server's intended use. This field is informational only and does not affect functionality.

    Related Concepts

    This feature integrates with other MID Server security mechanisms and configurations, including:

    • MID Server certificate check policies
    • Authentication credentials and SOAP requests
    • Unified key store and command audit logs
    • FIPS Enforced Mode
    • Encryption/decryption of configuration files
    • Mutual authentication and Azure Key Vault integration
    • SSL certificate management and external TrustStores

    Improve MID Server security by setting an automatic timeout to invalidate and shut down inactive MID Servers. You can enable this feature and set the inactivity timeout period globally and for each MID Server.

    Set-up indicator for security phaseEnsure that the MID Server can connect to elements inside and outside your networkDownload and install the MID Server on a Linux or Windows hostConfigure your MID ServerConfigure MID Server securityEnsure that the MID Server can connect to elements inside and outside your networkDownload and install the MID Server on a Linux or Windows hostConfigure your MID ServerConfigure MID Server security

    Overview of MID Server Governance

    MID Server Governance prevents forgotten MID Servers connected to ServiceNow instances from being utilized if the instance is compromised. ​MID Server Governance keeps a record of the last status change of the MID Server validation/invalidation process.

    This feature is not enabled by default, and is available out-of-the-box as part of the MID Server plugin. Once enabled, MID Server authentication is expired after a predetermined period of inactivity unless explicitly configured to never expire.

    Enable and Configure MID Server Governance

    MID Server Governance is enabled for all MID Servers by setting the following true/false system property:​ mid.inactivity.timeout.enabled. This property is not defined by default. The global inactivity timeout is ​specified by setting the following integer system property: mid.inactivity.timeout.days. The property takes an integer which specifies the timeout in days. The default timeout is 30 days if unspecified.

    You can override the timeout for a particular MID Server by specifying mid.inactivity.timeout.days as a configuration parameter on that MID Server. A timeout value of 0 disables MID Server Governance on that MID Server. Therefore, you can set a global timeout and also change or disable timeouts for certain MID Servers.

    You do not need to restart the MID Server after changing the Governance configuration. Governance works with either basic or mutual authentication.

    Activity Tracking

    The MID Server analyzes activity by tracking incoming and outgoing ECC queue messages​. Once per hour, the MID Server reports the last activity to instance, which is stored in the ecc_agent record​​, and checks if the inactivity timeout has been reached. If the inactivity timeout has been reached and the MID Server is up, the MID Server is invalidated and shuts down. If the timeout is reached when the MID Server is down, a job on the instance determines if the MID Server is idle and invalidates it on the instance.

    When MID server is approaching auto-invalidation timeout due to inactivity, the MID Server page will display a message indicating:​

    • An info message when 3-7 days remain before inactivity timeout.

    • An error message when less than 3 days remain before inactivity timeout.

    • After a MID has been auto-invalidated, an error message is displayed indicating the date the MID was auto-invalidated​.

    Clearing the auto-invalidated state

    After a MID Server has been auto-invalidated, the auto-invalidated status must be manually cleared in order to bring the MID back up successfully​. The MID Server shuts down immediately if it is restarted without clearing this state. In addition, a MID issue will be logged indicating this occurrence.

    The auto-invalidated state of a MID Server can be cleared by selecting the Clear auto invalidated UI action from the MID Server instance page​. After invoking this UI action, the user should start their MID Server and continue with the usual validation process.

    Purpose field

    The purpose is a text field that the customer can update at any point to indicate the intended usage for the MID Server. This field is purely descriptive and has no further interactions.