SQL API architecture

  • Release version: Zurich
  • Updated March 12, 2026
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of SQL API architecture

    The SQL API architecture in ServiceNow enables secure, read-only access to instance data via industry-standard ODBC and JDBC database drivers. It allows external Business Intelligence (BI) tools and data analysis platforms to connect directly to ServiceNow tables without exporting or replicating data. This architecture maintains all existing security controls and access restrictions while facilitating data queries through standard database interfaces.

    Show full answer Show less

    Key Features

    • Client Applications: Supports BI tools like Power BI, DBeaver, and DBvisualizer using ODBC/JDBC protocols for connection.
    • ODBC/JDBC Drivers: Industry-standard drivers that establish connections and execute SQL queries against ServiceNow data.
    • ServiceNow Instance Security Layer: Applies multiple security controls sequentially including IP access policies, rate limiting, authentication with role verification, and encryption to ensure secure data access.
    • REST Layer: Dedicated internal REST services for ODBC and JDBC drivers that only allow SELECT queries and enforce rate limits.
    • Database Tier: Queries are routed preferably to a configured Read Replica to isolate BI workloads from the primary database, which remains read-only and serves as a fallback.

    How It Works

    When connecting a BI tool via the SQL API, the tool:

    • Establishes a database connection using ODBC or JDBC APIs.
    • Authenticates using ServiceNow user credentials configured for SQL API access.
    • Executes SQL queries to retrieve data from authorized tables and fields.
    • Has queries processed through the security services layer enforcing access restrictions.
    • Receives query results in a standard tabular format for visualization, analysis, or export within the BI tool.

    Practical Considerations

    To optimize performance and isolate BI workloads, it is essential to configure a Read Replica for routing SQL API queries. This setup ensures efficient handling of SELECT queries without impacting the primary database.

    The SQL API architecture demonstrates how the SQL API plugin integrates with the ServiceNow system to provide secure, read-only data access through industry-standard ODBC and JDBC drivers.

    The SQL API architecture provides a high-level view of how external Business Intelligence (BI) tools and data analysis platforms connect to your ServiceNow instance through standard database APIs. The architecture provides secure, read-only access to your ServiceNow data while maintaining all security controls and access restrictions.

    Architecture overview

    The SQL API uses ServiceNow web services to provide a query-only interface. This architecture enables direct connections from ODBC and JDBC-compatible tools to your ServiceNow data without data export or replication.

    The following diagram illustrates the high‑level architecture of how the SQL API connects external BI tools to ServiceNow tables via ODBC and JDBC drivers, while enforcing security and access controls.

    Figure 1. SQL API Architecture diagram
    Architecture diagram showing SQL API interaction with ServiceNow system components

    Key architectural components

    The SQL API architecture consists of the following key components:

    Client applications
    External BI tools and data analysis platforms such as Power BI, DBeaver, and DBvisualizer that connect using ODBC or JDBC protocols.
    ODBC/JDBC drivers
    Industry-standard database drivers that enable client applications to establish connections and execute SQL queries against ServiceNow data.
    ServiceNow Instance

    Inside the ServiceNow instance, three layers handle the request:

    • Security layer: In this layer, four controls are applied in sequence:
      1. IP Access Policy
      2. Rate Limit
      3. Auth + Role check
      4. Encryption
    • REST layer: There are separate dedicated services for each driver (ODBC REST Service and JDBC REST Service), both restricted to SELECT-only queries and rate limited, accessible only by the driver internally.
    • Database tier: Queries reach the Primary DB first (read-only, used as fallback if no replica), but are preferably routed to a Read Replica, which isolates BI workload from the primary database and handles all JDBC/ODBC SELECTs. You must configure a Read Replica to route the SQL API queries. For more information, see Route SQL API calls to Read Replica.

    How the architecture works

    When you connect your BI tool to ServiceNow through the SQL API, the following process occurs:

    1. Your BI tool establishes a standard database connection using either ODBC or JDBC APIs.
    2. The connection request is authenticated against ServiceNow user credentials configured for SQL API access.
    3. Once authenticated, you can write SQL queries to retrieve data from authorized ServiceNow tables and fields.
    4. The SQL API processes your queries through the security services layer, applying all security controls and access restrictions.
    5. Query results are returned in standard tabular format, which your BI tool can visualize, analyze, or export.