Integration Tasks

Introduction

The following tasks are covered in this section:

A. Install Integration

B. Authorize Connection

C. Configure Flow

D. Assign User Access

E. Use Features

A. Install Integration

The integration described in this document is made possible through a connection between ServiceNow and Admin By Request via a custom-built ServiceNow application. The first task involves installing the app in ServiceNow.

  1. Go to the ServiceNow Store, and select Integrations from the top menu:

  2. Use the search box to search for Admin By Request. Scroll down to the Integrations section, and select the Admin By Request app:

  3. In the Admin By Request app page, select the Get button on the right-hand side:

  4. Follow the instructions on screen to install the app in your ServiceNow instance.

B. Authorize Connection

Data-sharing from the Admin By Request portal to ServiceNow requires a connection between the ServiceNow application and the Admin By Request public API. Task B of the integration process involves authorizing this connection.

  1. In your ServiceNow instance, using the Filter Navigator search box, locate the Admin By Request app:

  2. Select Properties from the sub-menu:

  3. In the ABR Properties page, paste your API key into the API Key text box:

    NOTE

    Your data is stored in a data center that is located in one of the geographic locations listed below. These are in Europe, the USA and the UK.

    To determine your data location, go to page Tenant Settings > Retention in the portal and note the geographic location shown in field Data Location. It will be one of the following:

    • EU West (Netherlands)   (Europe - Netherlands)

    • Virginia, United States   (USA)

    • London, United Kingdom   (UK)

    • Frankfurt, Germany   (Europe - Germany)

  4. Click Save.

    The remaining fields on the page are automatically filled out based on data pulled from your tenant when the API connection is established:

C. Configure Flow

The Admin By Request / ServiceNow integration incorporates a pre-built Flow (also referred to as Schedules in ServiceNow) designed to automatically get Admin By Request data into your ServiceNow instance. This task covers the steps involved in enabling the Flow to run so that the application can begin pulling the appropriate data.

  1. Using the Filter Navigator search box, locate and select Flow Designer:

  2. In the Flows tab, click the Search icon underneath the main search menu:

  3. Use the Application search box to locate the Admin By Request Flow:

  4. The following Flow is displayed for the Admin By Request application:

    • Admin by Request - Update Audit Logs

  5. Click into the flow by selecting its name in the Name column. This opens the following screen, displaying the sections detailed below:

    • TRIGGER: Specifies if and how often the Flow is repeated.

    • ACTIONS: Lists the actions performed in the Flow

  6. Click the Activate button in the top right-hand menu.

  7. This opens a confirmation prompt. Click the Activate button in the prompt to enable the flow to run:

  8. Upon successful activation, a Success message appears in the bottom right-hand corner of the screen:

  9. Use the Home icon next to the Flow tab in the top left-hand menu to navigate back to Step 1 of this task:

  10. To test successful connection (B. Authorize Connection) and correct flow (C. Configure Flow), navigate to the Admin By Request Auditlog page in the ServiceNow app; listed here should be the existing Auditlog data from your portal:

    NOTE

    This assumes that you have existing Auditlog data in your portal to be pulled through to ServiceNow.

D. Assign User Access

Once the Flow is activated and the application is successfully pulling / updating data, access needs to be granted to the appropriate users within the ServiceNow instance, so that they can interact with Admin By Request features. This task covers the process of creating a group of users and assigning them access using pre-configured ServiceNow Roles.

In this example, we assign an Example Approvers group the role of User, which allows them to Approve or Deny requests within ServiceNow.

  1. Using the Filter Navigator search box, locate and select Groups (under Users and Groups):

  2. Click the New button in the top left-hand menu:

  3. Fill out the fields as appropriate (i.e., according to your organizations preferences) and click Submit:

    NOTE

    In the above example, only the Name and Description fields are filled out.

  4. Search by Name in the top search bar to locate and select the Example Approvers group created in the previous step (i.e., Step 3):

  5. In the Roles tab in the bottom left-hand menu, click the Edit… button:

  6. Use the Collection search box to locate the two pre-configured roles for this application:

    • x_syaps_abr.abr_admin: Users assigned this role have administrative access within the application, which includes the ability to access all application features (Requests, Auditlog) and the Properties page.

    • x_syaps_abr.abr_user: These users are able to access and interact with the Admin By Request Auditlog and Requests features (i.e., view / manage Auditlog data and Approve or Deny Requests).

  7. Select the User role (i.e., x_syaps_abr.abr_user) and click the right-facing arrow button to assign the role to the Example Approvers group:

  8. The role appears under the Roles list in the right-hand field. Click Save:

  9. Users can now be added to the group in the same process used to assign roles. Return to the Group page, and use the Edit… button in the Group Members tab:

  10. Use the Collection search box to locate the users for the Group, and the right-facing arrow button to add them to the Example Approvers Group.

    NOTE

    Roles can also be assigned to individual users. Navigate to Users from the Filter Navigator search box (under Users and Groups) and follow a similar process to what is described in this Task (i.e., Task D) to assign the appropriate Role to the user.

E. Use Features

Once the correct Roles are assigned, users are able to access Admin By Request data through the integrated features: Auditlog and Requests. Task E covers how to use these features within the ServiceNow application.

NOTE

This Task is demonstrated from the viewpoint of regular user in the ServiceNow instance (i.e., a member of the Example Approvers Group assigned the role of User in Task D) as opposed to an Administrator (the role required for tasks A through D).

Auditlog

  1. Using the Filter Navigator search box, locate the Admin By Request app and select Auditlog from the sub-menu:

  2. The Auditlog page displays all of the recent Auditlog data from Run As Admin and Admin Session requests. Information includes:

    • State: This could be ‘Pending Approval’, ‘Denied’, ‘Open’, or ‘Finished’.

    • Type: Either ‘Run As Admin’ or ‘Admin Session’.

    • Application: The application that the user requested to Run As Admin.

      There are no applications listed in this column for Admin Sessions because multiple applications may have been accessed during the time the Admin Session was active.

    • Scan Result: This column displays ‘Clean’ unless the VirusTotal scan has flagged malware.

  3. Select an item in the list using the State column to view the available data for that Auditlog entry. Available data may include some or all of the following:

    If logged in to your instance as a ServiceNow administrator (not just an application admin), Auditlog data can be edited and updated manually by making the desired changes to an Auditlog entry and clicking the Update button. However, editing Auditlog data is NOT RECOMMENDED.

  4. Selecting an item in the Activity column (from the Audit Log Activities section, bottom of page) displays further information, such as the file path:

Requests

  1. Select Requests from the FastTrack – Admin By Request sub-menu:

  2. The Requests page displays all of the requests made by users that are pending approval:

  3. Click into an item in the list by selecting Pending Approval in the State column:

  4. Information about the request is displayed. Click the Approve button to approve the request:

    The user who made the request will receive an email from Admin By Request that their request has been approved. When the request is complete, the details will be available in the Auditlog in ServiceNow.

  5. To deny a request, click into the Request and select the Deny button:

  6. A confirmation window appears following this action. Click Yes to deny the request, with the option of stating a reason for denial:

    The user who made the request will receive an email that their request has been denied, with the reason included (if reason was given).