REST messages for the Vulnerability Response Patch Orchestration with Microsoft SCCM

  • Release version: Zurich
  • Updated September 5, 2025
  • 1 minute to read

    • The Vulnerability Response Patch Orchestration with Microsoft SCCM uses the SCCM Windows Management Instrumentation (WMI) classes to make calls to the SCCM Server API.

    Overview of REST messages

    The SMS Provider provides API an inter-operability access over HTTPS, called the administration service. The administration service is a representational state transfer (REST) API based on the Open Data (OData) v4 protocol.

    See What is the administration service in Configuration Manager for more information about the administration service use with this integration.

    Since the authentication needed uses the Windows New Technology LAN Manager NTLM protocol, calls to the APIs are made through the MID Server using PowerShell scripts.

    Microsoft SCCM integration

    You can use the REST message for the Microsoft SCCM integration to retrieve information from Microsoft SCCM. Changes to the record method of the REST message impact the requests made to Microsoft SCCM to retrieve information. REST messages contain the following REST methods.

    WMI Class names:

    • SMS_Collection
    • SMS_DeploymentSummary
    Parameter name Value Description
    url Dynamic values based on user Indicates the endpoint of the SCCM Console

    Microsoft SCCM deploy patch

    You can use the REST message for the Microsoft SCCM integration to schedule patches from your ServiceNow AI Platform® to the Microsoft SCCM. Changes to the record method of the REST message impact the requests made to SCCM to retrieve information. REST messages contain the following REST methods.

    REST method Description
    POST Deploy Patch Schedules the patch to SCCM console on single/multiple computers.
    Parameter name Value Description
    url Dynamic values based on user Indicates the endpoint of the SCCM Console.
    title Dynamic values based on user Title of the deployment.
    settings_tag XML tag-named settings with values Indicates settings that have different parameters and are sent to SCCM while scheduling the patch.
    computer_tag XML tag-named computers with values Indicates list of computers on which the patch is going to be scheduled.
    site_name Value from patch update Name of the site where the Patch is present.
    Patch_id Value from patch update Id of the Patch.