SAP credentials

  • Release version: Zurich
  • Updated July 31, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of SAP credentials

    The SAP credential type in ServiceNow manages access to SAP JCo systems and supports both Discovery and Orchestration processes. It enables secure authentication by storing and configuring necessary login details for SAP integrations, ensuring smooth connectivity during automated discovery and workflow execution.

    Show full answer Show less

    Key Features

    • Name and Activation: Assign a unique, descriptive name to each credential and enable or disable its use as needed.
    • User Name and Password: Standard login credentials are entered here. The system warns against leading or trailing spaces in usernames, which can cause login issues. For CIM discovery, the username must have admin privileges.
    • External Credential Store: Optionally use an external credential storage system, such as CyberArk, by enabling the External credential store checkbox. When enabled, credentials are referenced by a Credential ID instead of username and password.
    • Credential Alias: Allows workflow creators to assign specific credentials to individual activities within Orchestration workflows, enabling granular credential management per activity or CI type.
    • Applies To and MID Servers: Credentials can be assigned to all MID Servers or specific ones, controlling which MID Servers have visibility and access to the credential. This setting is crucial for managing credential usage across different parts of the network.
    • Order: Define the sequence in which Discovery attempts credentials to prevent lockouts after multiple failed login attempts and optimize credential testing order.
    • Windows MID Server Service Account: Mark the credential as representing the MID Server service account when applicable.

    Practical Use for ServiceNow Customers

    By correctly configuring SAP credentials, customers can ensure reliable authentication to SAP JCo systems for Discovery and Orchestration tasks. Using external credential storage enhances security by centralizing sensitive information. Assigning credentials to specific MID Servers and defining credential order improves control and efficiency, especially in environments with many credentials or strict security policies. Credential aliases help tailor Orchestration workflows with precise credential assignments, reducing manual errors and increasing operational flexibility.

    The SAP credential type manages access to SAP JCo systems. This credential type is available for Discovery and Orchestration.

    These fields are available in the Credentials form for SAP type credentials.
    Field Description

    Name

    Enter a unique and descriptive name for this credential.

    Active

    		Enable or disable these credentials for use.

    User name

    		Enter the user name to create in the Credentials table. Avoid leading or trailing spaces in user names. A warning appears if the platform detects leading or trailing spaces in the user name. For CIM discovery, the user must have the admin role.
    Password Enter the password.
    Credential ID Enter the unique key configured for external credentials in the JAR file uploaded to the MID Server for an external credential system. The Credential ID field has a limit of 40 characters.

    This field is only visible when the External credential store check box is selected.
    Credential alias Allow workflow creators to assign individual credentials to any activity in an Orchestration workflow or assign different credentials to each occurrence of the same activity type in an Orchestration workflow.

    To use the credential for discovering CIs not belonging to this CI type using Service Mapping and Discovery patterns, enter the table name for the CI type to which the CI belongs, for example cmdb_ci_apache_web_server.
    External credential store Select this check box to use an external credential storage system. When you select this option the User name and Password fields are replaced with the Credential ID field. External credential storage is only available when the External Credential Storage plugin in activated.
    Note:
    Currently, the only supported external storage system is CyberArk.
    Applies to

    Select whether to apply these credentials to All MID servers in your network, or to one or more Specific MID servers. Specify the MID Servers that should use these credentials in the MID servers field.
    MID servers Select one or more MID Servers from the list of available MID Servers. The credentials configured in this record are available to the MID Servers in this list. This field is available only when you select Specific MID servers from the Applies to field.
    Note:
    Selecting Specific Specific MID servers doesn’t affect mid server selection. It’s used only to decide which mid servers should have visibility to the credential. Specific MID servers isn’t supported in Orchestration activities.
    Order

    Order (sequence) in which Discovery tries this credential as it attempts to log on to devices. The smaller the number, the higher in the list this credential appears. Establish credential order when using large numbers of credentials or when security locks out users after three failed login attempts. If all the credentials have the same order number (or none), the instance tries the credentials in a random order.

    Windows MID Server Service Account

    When active, the defined credential represents the MID Server service account.