Adding the Ping Identity provisioning role in ServiceNow - PingFederate

ServiceNow Provisioner
bundle
pingfederate-servicenow-connector
ft:publication_title
ServiceNow Provisioner
Product_Version_ce
category
Administrator
Audience
ContentType
English
Integration
Language
Product
Productdocumentation
ServiceNow
integrationdocx
pingfederate
ContentType_ce
Product documentation
Integration

To allow PingFederate to manage users in ServiceNow, add the special Ping Identity provisioning role in your ServiceNow instance.

  1. Sign on to https://yourinstance.servicenow.com as an administrator.
  2. Install the Ping Identity Provisioning Solution app.
    The app contains the provisioning role.
    1. In the ServiceNow admin console, navigate to All Available Applications.
    2. Search for and select the Ping Identity Provisioning Solution app.
    3. Click Install.
  3. Optional: If you want the ServiceNow connector to be able to remove roles from users, grant additional permissions to the provisioning role.
    CAUTION:

    Due to a limitation in the ServiceNow API, the ServiceNow Provisioner requires additional security permissions to be able to remove roles from users. We recommend that you only grant these permissions if you require the role removal functionality. Otherwise, skip these steps. For more details, see Known issues and limitations.

    1. In the upper-right corner, click your administrator account name. Click Elevate Roles.

      The ServiceNow account name menu.
    2. On the Elevate Roles dialog, select security_admin. Click OK.
    3. Go to System Security > Access Control (ACL). Click New.
    4. On the New record tab, from the Operation list, select Delete.
    5. From the Name list, select User Role (sys_user_has_role).
    6. In the Requires role section, double-click Insert a new row.
    7. Enter ping_identity_provisioning_role, and then press enter.

      The new role field with ping_identity_provisioning_role entered.
    8. Click Submit.