ServiceNow Connection

This article covers how to connect your ServiceNow account to Drata with automation options.

Updated yesterday

Connecting ServiceNow to Drata allows you to automatically monitor and verify how your organization tracks and prioritizes security issues within ServiceNow. You can also optionally enable Write Access to create and manage tickets directly from Drata.

There are two ways to connect ServiceNow to Drata:

  • Admin Setup (Recommended): Requires admin and web_service_admin roles

  • Non-Admin Setup (Least Privilege): Requires creating a custom role, assigning ACLs, and granting table-level permissions

Option 1: Admin Setup (Quick Start)

This is the easiest and fastest way to connect ServiceNow to Drata.
You’ll need admin credentials in your ServiceNow instance.

Step 1: Locate Your Subdomain

If you sign in at https://acme.service-now.com, your subdomain is acme.
When prompted in Drata, enter your subdomain only.

Step 2: Confirm Admin Roles

In ServiceNow:

  1. Go to All → User Administration → Users.

  2. Find your admin user record.

  3. In the Roles tab, confirm the following roles are added:

    • admin

    • web_service_admin

  4. If missing, click Edit, add the roles, and click Save.


Option 2: Non-Admin Setup (Least Privilege)

This method follows the principle of least privilege, using a custom integration user and ACL-based table access.


Recommended for organizations that restrict admin credentials or enforce role-based access controls.

Step 1: Create a Custom Role

In ServiceNow:

  1. Navigate to All → User Administration → Roles → New.

  2. Fill out:

    • Name/Suffix: drata_integration_role (or similar)

    • Description: Custom role for Drata API access

  3. Click Save.

Step 2: Create a Non-Admin Integration User

  1. Go to All → User Administration → Users → New.

  2. Fill out:

    • User ID: integration_user

    • Active:

    • Web service access only: (optional, enables API-only access)

    • Password: Set a local password (required for Basic Auth)

  3. Save the user record.

Step 3: Assign the Role to the User

  1. Open the integration user you just created.

  2. Scroll to Roles → Edit.

  3. Add:

    • Your custom role (x_<instance_prefix>_drata_integration_role)

    • (Optional) itil and snc_platform_rest_api_access for ITSM and REST access.

  4. Click Save.

Step 4: Create Custom ACLs

Note: Before creating a Custom ACL, make sure your role is allowed to add Custom ACLs. To do this manually, go to User Profile > Keyboard shortcuts > Elevate role and enable the security_admin role for the user.

You must create an ACL per table and operation type (read, write, create).

  1. Go to All → System Security → Access Control (ACL) → New.

  2. Fill out:

    • Type: record

    • Operation: read, write, or create

    • Name: table name (e.g., incident)

    • Requires role: your custom integration role

  3. Click Submit.

  4. Repeat for all relevant tables (incident, problem, task, sys_user, etc.).
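
An added example, not part of Drata's or ServiceNow's own material: one way to confirm the read ACLs from Step 4 before entering the integration user's credentials in Drata. It requests one sys_id per table through the ServiceNow Table API with Basic Auth. The function names, the acme subdomain, and the verdict assigned to each HTTP status are assumptions.

```python
import base64, getpass, json, re, urllib.error, urllib.request

# Tables named in Step 4; extend to match the ACLs you created.
TABLES = ["incident", "problem", "task", "sys_user"]

def instance_url(subdomain):
    """Build the instance URL from the subdomain only (e.g. 'acme')."""
    if not re.fullmatch(r"[A-Za-z0-9][A-Za-z0-9-]*", subdomain):
        raise ValueError("enter the subdomain only, not a URL or hostname")
    return f"https://{subdomain}.service-now.com"

def http_get(url, user, password):
    """GET with Basic Auth; return (status, parsed JSON body or None)."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    req = urllib.request.Request(url, headers={
        "Accept": "application/json", "Authorization": f"Basic {token}"})
    try:
        with urllib.request.urlopen(req, timeout=15) as resp:
            return resp.status, json.load(resp)
    except urllib.error.HTTPError as err:
        return err.code, None

def classify(status, body):
    """Map a Table API response to an access verdict (assumed mapping)."""
    if status == 200:
        rows = (body or {}).get("result", [])
        # An empty result can mean an empty table or rows hidden by ACLs.
        return "readable" if rows else "no rows returned"
    if status == 401:
        return "authentication failed"
    if status == 403:
        return "denied"
    return f"unexpected HTTP {status}"

def check_read_access(subdomain, user, password, tables=TABLES, get=http_get):
    """Request one sys_id per table and report what the user can read."""
    base = instance_url(subdomain)
    report = {}
    for table in tables:
        url = f"{base}/api/now/table/{table}?sysparm_limit=1&sysparm_fields=sys_id"
        report[table] = classify(*get(url, user, password))
    return report

if __name__ == "__main__":
    pw = getpass.getpass("integration_user password: ")
    for table, verdict in check_read_access("acme", "integration_user", pw).items():
        print(f"{table:10} {verdict}")
```

Passing a table that has no ACL for the custom role in the tables argument shows whether the user can read more than intended.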


Connect to Drata

In Drata:

  1. Go to Connections → ServiceNow.

  2. Enter your subdomain, username, and password.

  3. Select ticket type(s): Incident, Problem, or Task.

  4. Enter your organization’s security tag (must exactly match what exists in ServiceNow).

  5. Ensure the Priority field is enabled in ServiceNow for your chosen ticket types.

  6. (Optional) Toggle Write Access to allow Drata to create tickets directly.

Note: Only one ticketing connection in Drata can have Write Access enabled.

Configure your ServiceNow Connection for Test 26

  • By default, the ticket type is set to Incident and the tag Drata looks for is Security. To change this, follow the steps below when you first make the connection or when you edit it.

  • Select the ticket type(s) that your organization uses for security-related tasks. Drata currently supports 3 ticket types: Incidents, Problems, and Tasks.

  • Enter a tag that your organization uses to categorize security-related tickets. For all tickets of the types you selected previously, Drata will evaluate tickets with the tag you specify.

    • Note: You must make sure this tag is enabled in your ServiceNow account. Make sure it exactly matches what you have in your account.

  • For tickets that meet the above specifications, Drata will check if they have a priority. Ensure the ticket types selected above have the Priority field enabled in your ServiceNow account.

  • You can always modify the specifications by clicking on the edit icon when viewing your ServiceNow Connection.
