Using the Personal Authentication dashboard

  • Release version: Zurich
  • Updated July 31, 2025
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Using the Personal Authentication dashboard

    The Personal Authentication dashboard in ServiceNow provides a consolidated, user-friendly interface to manage your personal authentication credentials for third-party integrations. It enables users to authenticate, view, revoke, and renew their personal integration credentials securely without sharing superuser access or managing complex ACLs. This dashboard requires an Integration Hub subscription.

    Show full answer Show less

    Dashboard Structure and Functionality

    • My Integrations section: Displays your currently authenticated integrations as individual cards. You can:
      • Revoke authentication to invalidate tokens and remove access, moving the integration card to the "Integrations I can use" section.
      • Renew authentication to refresh tokens and extend expiration by reentering credentials through a pop-up window tailored to the integration type (ServiceNow or other OAuth applications).
    • Integrations I can use section: Shows available integrations not yet authenticated. You can authenticate them using the same pop-up method as renewal, which moves the card to "My Integrations" upon success.

    Setup Requirements

    • If you already use personal authentication credentials, upgrade to this dashboard by installing the Personal Authentication [com.snc.snihubpersonalauth] plugin and navigate to All > IntegrationHub > Personal Authentication > Personal Integrations.
    • Integrations shown on the dashboard are derived from the Connection & Credential Aliases [sysalias] table based on whether the credential has a valid token or not.
    • New personal authentication credentials can be configured by creating a Connection & Credential Alias with an OAuth 2.0 credential and setting the Integration Type to Personal.

    Token Revocation

    Revoking an authentication removes all active tokens related to that user’s session. To enable revocation at the OAuth Server level, provide the server’s token revocation endpoint URL in the Token Revocation URL field of the relevant OAuth Provider’s Application Registry record (All > System OAuth > Application Registry).

    Roles

    Access to the Personal Authentication dashboard requires the snpersonalauth.personalauthuser role.

    Use your personal credentials to connect to third-party integrations. View, authenticate, revoke, and renew your personal authentications through a simplified, consolidated interface.

    The Personal Authentication dashboard provides a streamlined way to manage your personal authentication integrations. With personal authentication, multiple users can use Integration Hub without needing to share superuser credentials. It also enhances security by removing the need to manage ACLs for third-party systems.

    This feature requires an Integration Hub subscription. For more information, see Legal schedules - IntegrationHub overview.

    Dashboard overview

    The Personal Authentication dashboard has two main sections.
    • The My Integrations section at the top of the page, which shows your authenticated integrations.
    • The Integrations I can use section at the bottom of the page, which shows the integrations available to you.
    Figure 1. Personal Authentication dashboard
    The Personal Authentication dashboard with two sections: The My Integrations section, and the Integrations I can use section.
    My Integrations section

    Displays authenticated integrations. Each integration has its own card. From the card, you can Revoke or Renew the authentication.

    When you revoke an authentication, you revoke any relevant access or refresh tokens for the personal authentication credential associated with the integration. Revoking invalidates the existing authentication. You can reauthenticate later to reestablish the connection. Once the authentication is revoked, the integration card moves to the Integrations I can use section of the dashboard.

    Renewing an authentication renews the associated token and updates the expiration date. To renew, select the Renew button on the integrations card. This button opens a pop-up window where you can reauthenticate the credential. The contents of the pop-up window depend on the integration.
    • For ServiceNow integrations, the pop-up window has fields where you can enter the Username and Password for the credential, then select Get OAuth Token.
    • For all other integrations, the pop-up window displays your OAuth credential page for that application.
    Integrations I can use section

    Displays the integrations that are available but not authenticated. To authenticate, select the Authenticate button on the integration card. Authenticating opens the same pop-up window that opens when you Renew an integration: For ServiceNow integrations, the pop-up window has the Username, Password, and Get OAuth Token buttons. For all other integrations, the pop-up window displays your OAuth credential page for that application.

    Once the credential is authenticated, the integration card moves to the My Integrations section at the top of the dashboard.

    Required dashboard setup

    If you're already using the personal authentication credential type, you can upgrade to the dashboard by installing the Personal Authentication [com.snc.sn_ihub_personal_auth] plugin. After installing the plugin, navigate to All > IntegrationHub > Personal Authentication > Personal Integrations to see the dashboard.

    The integrations on the dashboard all come from the Connection & Credential Aliases [sys_alias] table. Any alias where the credential has a personal integration type is displayed on the dashboard, according to the following guidelines.
    • If the credential currently has a valid token, it's listed in the My Integrations section of the dashboard.
    • If the credential doesn't currently have a valid token, it's listed in the Integrations I can use section of the dashboard.

    If you're not already using the personal authentication credential type, you can configure one by creating a Connection & Credential Alias that uses an OAuth 2.0 credential with the Integration Type of Personal. For more details and instructions, see Create a Connection & Credential alias.

    Token revocation URL

    Revoking an authentication revokes all the related active tokens stored in the instance for the user that initiated the session. You can also enable token revocation on the OAuth Server by providing the server's token revocation endpoint in the Token Revocation URL field.

    To enable authentication revocation at the OAuth Server, fill in the Token Revocation URL field in the Application Registries form for the integration's OAuth Provider. To fill in this field, follow these steps.
    1. Navigate to All > System OAuth > Application Registry.
    2. Select the form for the appropriate OAuth Provider from the Application Registries [oauth_entity] table.
    3. In the Token Revocation URL field, enter the OAuth Server's token revocation endpoint.

    Roles

    The Personal Authentication dashboard requires the sn_personal_auth.personal_auth_user role.