Prerequisites
Your ServiceNow account must have permission to perform the following actions. Skip any item that is already configured in your instance.- Add an x509 Certificate (under Multi-Provider SSO)
- Create an OAuth JWT Application (under System OAuth → Application Registry)
- Add a User (under User Administration)
- View and copy a Group’s sys_id (under Users and Groups)
Step 1 - Download the Oleria public certificate
Open the Ticketing System page
Download the public key
oleria-public-key.pem. You will upload this file to ServiceNow in the next section.Step 2 - Configure ServiceNow
As you work through the steps below, copy and save the following values. You will need them to complete Step 3:Upload Oleria's Public Certificate
- Log into your ServiceNow instance with administrator credentials.
- From the All menu, navigate to x509 Certificate under Multi-Provider SSO → Administration.
- Create a new x509 certificate - select New from the upper right-hand corner of the x.509 Certificates page.
- From the New record page, enter the following information:
- For PEM Certificate, open the
oleria-public-key.pemfile you downloaded in Step 1 and paste its full contents. - Select Submit.
Create an OAuth JWT Application
- From the All menu, navigate to Application Registry under System OAuth.
- From Application Registries, select New from the upper right-hand corner.
- From What kind of OAuth application?, select Create an OAuth JWT API endpoint for external clients.
- From OAuth JWT - New Record, reveal the Public Client hidden field in the form layout:
- Select the three horizontal lines icon next to New Section New Record in the upper-left corner.
- Select Configure → Form Layout.
- From Configuring OAuth JWT form, under the Available column, find and select the Public Client field, then select the arrow pointing right to move it to the Selected column.
- Select Save in the upper right-hand corner.
- From OAuth JWT - New Record, enter the following information:
- Leave the remaining fields with their default values (including leaving Client Secret blank).
- Save the Client ID value - you will need it in Step 3.
- Add useraccount to the Auth Scope for the JWT application:
- From the Auth Scope section, select Insert a new row…
- In the textbox, search for useraccount, select a result from the dropdown, and select the green check icon.
- Select Submit.
Map Oleria's public key to the OAuth JWT Application
- From Application Registries, find and view the OAuth JWT application you created (e.g., Oleria ServiceNow Incident Creation JWT OAuth - tenantName).
- To navigate there: from the All menu, go to Application Registry under System OAuth.
- From the OAuth JWT Application page, scroll to the bottom to the Jwt Verifier Maps tab.
- Add a Jwt Verifier Map - select New from the Jwt Verifier Map tab.
- From Jwt Verifier Map - New Record, enter the following information:
- Save the Kid (Key ID) value - you will need it in Step 3.
- Select Submit.
Limit access to the Oleria service account
- From the OAuth JWT Application page, scroll to the bottom to the OAuth JWT Claim Validations tab.
- Select New.
- From OAuth JWT Claim Validation - New Record, enter the following information:
- Save the Claim Value (your Oleria service account email address) - you will need it in Step 3.
- Select Submit.
Find or create a role with write access to the Incidents table
- From the All menu, navigate to Roles under System Security → Users and Groups.
- Search for a role named sn_incident_write. If found, continue to the next step. If not found, create a new role.
Create a service account
- From the All menu, navigate to Users under User Administration.
- Select New from the upper right-hand corner.
- From User - New Record, enter the following information:
- Select Submit.
Associate the role to the service account
- From the All menu, navigate to Users under User Administration.
- Find the Oleria service account (e.g., “Oleria Integrator - tenantName”) and select its name.
- From the User page, scroll to the bottom and select the Roles tab.
- Select Edit….
- From Edit Members, search for sn_incident_write in the Collection column, select the role, and select the Add icon to add it to the selection list.
- Select Save.
Find the Assignment Group sys_id
- From the All menu, navigate to Groups under System Security → Users and Groups.
- Find the group you want to assign incidents to (e.g., RiskRemediators) and view it. Create a new group if needed.
- From the Group page, select the three horizontal lines icon in the upper left-hand corner, then select Copy sys_id.
- Save the sys_id value - you will need it in Step 3.
Step 3 - Connect ServiceNow to Oleria
Open the Ticketing System page
Confirm ServiceNow is configured
Connect ServiceNow
Provide authentication details
Configure the ticket assignment group
Confirm the connection

