
ServiceNow Connection

This article covers how to connect your ServiceNow account to Drata with automation options.

Updated over 2 weeks ago

Connecting ServiceNow to Drata allows you to automatically monitor and verify how your organization tracks and prioritizes security issues within ServiceNow.

Prerequisite

To authenticate ServiceNow, you will need to provide the following information:

  • ServiceNow Subdomain

  • ServiceNow Username

  • ServiceNow Password

Setup Options

Before connecting, decide how you want to configure access within ServiceNow.


This determines what roles and permissions your ServiceNow user will need.

| ServiceNow Role | ServiceNow Requirements |
| --- | --- |
| Admin Setup (Recommended) | Requires admin and web_service_admin roles |
| Non-Admin Setup (Least Privilege) | Requires creating a custom role, assigning ACLs, and granting table-level permissions |

Option 1: Admin Setup (Quick Start)

Step 1: Locate Your Subdomain

If you sign in at https://acme.service-now.com, your subdomain is acme.
When prompted in Drata, enter your subdomain only.

Step 2: Confirm Admin Roles

In ServiceNow:

  1. Go to All → User Administration → Users.

  2. Find your admin user record.

  3. In the Roles tab, confirm the following roles are added:

    • admin

    • web_service_admin

  4. If missing, click Edit, add the roles, and click Save.


Option 2: Non-Admin Setup (Least Privilege)

This method follows the principle of least privilege, using a custom integration user and ACL-based table access.


Recommended for organizations that restrict admin credentials or enforce role-based access controls.

Step 1: Create a Custom Role

In ServiceNow:

  1. Navigate to All → User Administration → Roles → New.

  2. Fill out:

    • Name/Suffix: drata_integration_role (or similar)

    • Description: Custom role for Drata API access

  3. Click Save.

Step 2: Create a Non-Admin Integration User

  1. Go to All → User Administration → Users → New.

  2. Fill out:

    • User ID: integration_user

    • Active:

    • Web service access only: (optional, enables API-only access)

    • Password: Set a local password (required for Basic Auth)

  3. Save the user record.

Step 3: Assign the Role to the User

  1. Open the integration user you just created.

  2. Scroll to Roles → Edit.

  3. Add:

    • Your custom role (x_<instance_prefix>_drata_integration_role)

    • (Optional) itil and snc_platform_rest_api_access for ITSM and REST access.

  4. Click Save.

Step 4: Create Custom ACLs

Note: Before creating a custom ACL, make sure your role is allowed to add custom ACLs. To do this manually, go to User Profile > Keyboard shortcuts > Elevate role and enable the security_admin role for the user.

You must create an ACL per table and operation type (read, write, create).

  1. Go to All → System Security → Access Control (ACL) → New.

  2. Fill out:

    • Type: record

    • Operation: read, write, or create

    • Name: table name (e.g., incident)

    • Requires role: your custom integration role

  3. Click Submit.

  4. Repeat for all relevant tables (incident, problem, task, sys_user, etc.).
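
A way to check the result of Steps 3 and 4 before connecting, as an added example that is not part of the original article and is not Drata or ServiceNow code: it compares the record ACLs and roles configured for the integration user against an intended plan. The plan, the row layout, and the acme instance prefix are assumptions for illustration.

```python
# Added example (not Drata or ServiceNow code). Role and table names are taken
# from the article; the plan and the ACL/role rows are constructed sample data.
PRIVILEGED_ROLES = {"admin", "web_service_admin", "security_admin"}

def audit(plan, acl_rows, user_roles, custom_role):
    """Diff configured record ACLs and user roles against the intended plan."""
    needed = {(table, op) for table, ops in plan.items() for op in ops}
    granted = {
        (row["name"], row["operation"])
        for row in acl_rows
        if row["type"] == "record" and custom_role in row["roles"]
    }
    return {
        "missing": sorted(needed - granted),      # ACLs still to create (Step 4)
        "unplanned": sorted(granted - needed),    # access beyond the plan
        "privileged_roles": sorted(PRIVILEGED_ROLES & set(user_roles)),
    }

ROLE = "x_acme_drata_integration_role"  # hypothetical instance prefix "acme"

# Assumed plan: full access on ticket tables, read-only on sys_user.
PLAN = {
    "incident": ("read", "write", "create"),
    "problem": ("read", "write", "create"),
    "task": ("read", "write", "create"),
    "sys_user": ("read",),
}

def acl(name, operation, *roles):
    """Build one constructed ACL row in the layout audit() expects."""
    return {"type": "record", "name": name, "operation": operation, "roles": list(roles)}

# Constructed snapshot of what was actually configured on the instance.
SAMPLE_ACLS = [
    acl("incident", "read", ROLE), acl("incident", "write", ROLE),
    acl("incident", "create", ROLE), acl("problem", "read", ROLE),
    acl("task", "read", ROLE, "itil"), acl("sys_user", "read", ROLE),
    acl("sys_user", "write", ROLE),              # not in the plan
    acl("change_request", "read", "itil"),       # other role, ignored
]
SAMPLE_USER_ROLES = [ROLE, "itil", "snc_platform_rest_api_access", "security_admin"]

if __name__ == "__main__":
    for finding, items in audit(PLAN, SAMPLE_ACLS, SAMPLE_USER_ROLES, ROLE).items():
        print(f"{finding}: {items}")
```

An empty result for all three findings means the integration user matches the plan; a non-empty privileged_roles list means the user is no longer a non-admin account.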

Step 5: Writing Tickets (POST Access)

  1. Grant Table Access Permissions
    To create tickets via the ServiceNow Table API (POST /api/now/table/<table_name>), the user must have create ACLs or roles granting write access.

| Table | Purpose | Required Role |
| --- | --- | --- |
| /now/table/incident | Create incidents | itil |
| /now/table/problem | Create problems | itil |
| /now/table/task | Create generic tasks | itil |
| /now/table/sc_task | Create catalog tasks | itil |
| /now/table/sc_request | Create service requests | itil or catalog_admin |
| /now/table/sn_customerservice_case | Create customer cases | sn_customerservice_agent |


Connect ServiceNow in Drata

  1. In Drata, go to Connections → Available Connections → ServiceNow.

  2. Select the ticket type(s) your organization uses for security issues.

    • Drata currently supports 3 ticket types: Incidents, Problems, and Tasks.

  3. Enter your Security Tag (e.g., Security). It must exactly match the tag used in ServiceNow.

  4. Ensure the Priority field is enabled in ServiceNow for your selected ticket types.

  5. (Optional) Toggle Write Access to allow Drata to create tickets directly.

  6. Click Make Connection to open the ServiceNow authentication widget.

When the widget opens you will see two options:

| Option | What Happens |
| --- | --- |
| Use My Credentials (Recommended) | Accept permissions → Enter your subdomain → Click Connect ServiceNow → Sign in and authorize access. |
| Username and Password | Accept permissions → Enter subdomain → Enter username and password → Drata sets up your account (usually completes within a few minutes). |
