MID Server Governance
Summary of MID Server Governance
MID Server Governance enhances the security of MID Servers by automatically invalidating and shutting down inactive MID Servers after a configurable period of inactivity. This helps prevent unauthorized use of forgotten or compromised MID Servers connected to your ServiceNow instance. The feature is part of the MID Server plugin but is not enabled by default.
Enable and Configure MID Server Governance
- Enable governance globally by setting the system property mid.inactivity.timeout.enabled to true.
- Set the global inactivity timeout period using mid.inactivity.timeout.days, specifying the timeout in days (default is 30 days if unspecified).
- Override the global timeout per MID Server by configuring mid.inactivity.timeout.days as a parameter on that MID Server. Setting this to 0 disables governance for that specific MID Server.
- Configuration changes apply immediately without needing a MID Server restart.
- Governance supports both basic and mutual authentication modes.
Activity Tracking and Auto-Invalidation
- The MID Server monitors activity via ECC queue messages and reports its last activity hourly.
- If inactivity exceeds the configured timeout and the MID Server is active, it is automatically invalidated and shut down.
- If inactivity timeout is reached while the MID Server is offline, a scheduled job on the instance invalidates it accordingly.
- Users receive warning messages on the MID Server page as the timeout approaches: info messages between 3-7 days remaining and error messages under 3 days remaining.
- After auto-invalidation, an error message shows the date of auto-invalidation.
Clearing Auto-Invalidated Status
- To restart an auto-invalidated MID Server, the auto-invalidated status must be manually cleared using the “Clear auto invalidated” UI action on the MID Server instance page.
- Attempting to restart without clearing this status will cause immediate shutdown and log an issue.
- After clearing, the MID Server should be restarted and validated as usual.
Additional Details
- The Purpose field on the MID Server record is a user-editable description to note the intended use of the MID Server; it does not affect functionality.
- This governance mechanism aligns with other security features such as MID Server certificate policies, authentication credentials, mutual authentication, and cryptographic configurations.
Implementing MID Server Governance helps ServiceNow customers maintain tighter control over MID Servers, reducing the risk posed by inactive or forgotten servers while providing configurable flexibility to suit organizational needs.
Improve MID Server security by setting an automatic timeout to invalidate and shut down inactive MID Servers. You can enable this feature and set the inactivity timeout period globally and for each MID Server.
Overview of MID Server Governance
MID Server Governance prevents forgotten MID Servers connected to ServiceNow instances from being utilized if the instance is compromised. MID Server Governance keeps a record of the last status change of the MID Server validation/invalidation process.
This feature is not enabled by default, but it is available out of the box as part of the MID Server plugin. Once enabled, MID Server authentication expires after a predetermined period of inactivity unless the MID Server is explicitly configured to never expire.
Enable and Configure MID Server Governance
Enable MID Server Governance for all MID Servers by setting the true/false system property mid.inactivity.timeout.enabled to true. This property is not defined by default. Set the global inactivity timeout with the integer system property mid.inactivity.timeout.days, which specifies the timeout in days. The default timeout is 30 days if unspecified.
You can override the timeout for a particular MID Server by specifying mid.inactivity.timeout.days as a configuration parameter on that MID Server. A timeout value of 0 disables MID Server Governance on that MID Server. Therefore, you can set a global timeout and also change or disable timeouts for certain MID Servers.
You do not need to restart the MID Server after changing the Governance configuration. Governance works with either basic or mutual authentication.
Activity Tracking
The MID Server analyzes activity by tracking incoming and outgoing ECC queue messages. Once per hour, the MID Server reports its last activity to the instance, where it is stored in the ecc_agent record, and checks whether the inactivity timeout has been reached. If the inactivity timeout has been reached and the MID Server is up, the MID Server is invalidated and shuts down. If the timeout is reached while the MID Server is down, a job on the instance determines whether the MID Server is idle and invalidates it on the instance.
The MID Server page displays messages as the inactivity timeout approaches:
- An info message when 3-7 days remain before inactivity timeout.
- An error message when less than 3 days remain before inactivity timeout.
After a MID has been auto-invalidated, an error message is displayed indicating the date the MID was auto-invalidated.
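The timeout resolution and warning thresholds described above can be modeled offline to audit which MID Servers are exempt from governance or close to invalidation. This is an added example, not ServiceNow code: the record shape (name, lastActivity, overrideDays), the state labels, and the sample data are assumptions, and it assumes governance is off whenever the global enabled property is not true.

```javascript
// Added example: models the governance rules described on this page.
// Field names (name, lastActivity, overrideDays) are assumed, not ServiceNow's schema.
const DAY_MS = 24 * 60 * 60 * 1000;
const DEFAULT_TIMEOUT_DAYS = 30; // page: default when the days property is unspecified

// Returns the timeout in days for one MID Server, or null when governance does not apply.
function effectiveTimeoutDays(props, mid) {
  // Property is undefined by default, which leaves governance off.
  if (String(props['mid.inactivity.timeout.enabled']) !== 'true') return null;
  // The per-MID parameter overrides the global property; ?? keeps an explicit 0.
  const raw = mid.overrideDays ?? props['mid.inactivity.timeout.days'] ?? DEFAULT_TIMEOUT_DAYS;
  const days = Number(raw);
  if (!Number.isInteger(days) || days < 0) {
    throw new RangeError(`invalid timeout for ${mid.name}: ${raw}`);
  }
  // Page documents 0 for the per-MID parameter; a global 0 is treated alike (assumption).
  return days === 0 ? null : days;
}

// Classifies one MID Server: exempt, ok, info (3-7 days left), error (<3), invalidate.
function governanceStatus(props, mid, now) {
  const timeout = effectiveTimeoutDays(props, mid);
  if (timeout === null) return { name: mid.name, state: 'exempt', remainingDays: null };
  const idleDays = (now - Date.parse(mid.lastActivity)) / DAY_MS;
  if (Number.isNaN(idleDays)) throw new TypeError(`bad lastActivity for ${mid.name}`);
  const remaining = timeout - idleDays;
  let state = 'ok';
  if (remaining <= 0) state = 'invalidate';   // timeout reached
  else if (remaining < 3) state = 'error';    // less than 3 days remain
  else if (remaining <= 7) state = 'info';    // 3-7 days remain
  return { name: mid.name, state, remainingDays: Math.floor(remaining) };
}

function audit(props, mids, now) {
  return mids.map((m) => governanceStatus(props, m, now));
}

// Constructed sample data (not from a real instance).
const SAMPLE_PROPS = { 'mid.inactivity.timeout.enabled': 'true' }; // days unset, so 30
const SAMPLE_NOW = Date.parse('2024-06-30T00:00:00Z');
const SAMPLE_MIDS = [
  { name: 'mid-active', lastActivity: '2024-06-29T00:00:00Z' },
  { name: 'mid-idle', lastActivity: '2024-06-05T00:00:00Z' },
  { name: 'mid-urgent', lastActivity: '2024-06-02T00:00:00Z' },
  { name: 'mid-short', lastActivity: '2024-06-20T00:00:00Z', overrideDays: 7 },
  { name: 'mid-exempt', lastActivity: '2024-01-01T00:00:00Z', overrideDays: 0 },
];

console.table(audit(SAMPLE_PROPS, SAMPLE_MIDS, SAMPLE_NOW));
```

Rows in the exempt state are the ones to review first, since a per-MID timeout of 0 removes that server from auto-invalidation entirely.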
Clearing the auto-invalidated state
After a MID Server has been auto-invalidated, the auto-invalidated status must be manually cleared in order to bring the MID back up successfully. The MID Server shuts down immediately if it is restarted without clearing this state. In addition, a MID issue will be logged indicating this occurrence.
The auto-invalidated state of a MID Server can be cleared by selecting the Clear auto invalidated UI action from the MID Server instance page. After invoking this UI action, the user should start their MID Server and continue with the usual validation process.
Purpose field
The purpose is a text field that the customer can update at any point to indicate the intended usage for the MID Server. This field is purely descriptive and has no further interactions.