Skip to main content

Celonis Product Documentation

Connecting to ServiceNow

Important

Any references to third-party products or services do not constitute Celonis Product Documentation nor do they create any contractual obligations. This material is for informational purposes only and is subject to change without notice.

Celonis does not warrant the availability, accuracy, reliability, completeness, or usefulness of any information regarding the subject of third-party services or systems.

You can connect your ServiceNow tenant with the Celonis Platform, enabling the platform to perform read-only operations on your ServiceNow data. Transfer of the data from ServiceNow to Celonis Platform is secured through HTTPS via TLS 1.2, which allows for an encrypted exchange of information.

For a video overview of how to connect to your ServiceNow tenant:

 
Prerequisites for connecting to ServiceNow

Before connecting to your ServiceNow tenant, you must meet the following prerequisites:

  • ServiceNow user permissions: To extract data from your ServiceNow tenant, you need access to a user with the following permissions:

    • Roles: soap_query, rest_service

    • Table access: Access to the table 'sys_db_object' and all tables you want to extract.

    For more information, see: Configuring ServiceNow user permissions.

  • Allowlist Celonis Platform IPs and domains: If your ServiceNow instance is only reachable within a certain IP range, you need to allowlist the outbound IPs of the Celonis Platform, otherwise data cannot be extracted. The IPs of the Celonis Platform are different depending on the cluster (eu-1 or us-1).

    For more information, see: Allowlisting domain names and IP addresses

Configuring ServiceNow user permissions

To extract data from your ServiceNow tenant, you need access to a user with the following permissions:

  • Roles: soap_query, rest_service

  • Table access: Access to the table 'sys_db_object' and all tables you want to extract.

To configure this user, we recommend the following steps:

  1. Create a new role: In order to assign the correct access right to the user used for the Celonis extraction, we recommend creating a new role in the user administration section.

  2. Create a new user and assign the required roles: Assign the roles soap_query, rest_service, and the role you created in step 1.

  3. Elevate privileges of your user: In order to modify access control for the newly created Celonis role, you need to elevate your privileges. You can do this by clicking Elevate Roles.

    With the elevated role, you can then open access control lists (ACL).

    elevate_role.png

  4. Create two ACL:

    • ACL One:

      • Operation: read

      • Active: true

      • Name: Table [sys_db_object]

      • Field (Column): *

      • Required roles: the role created in step 1.

    • ACL Two:

      • Operation: read

      • Active: true

      • Name: Table [sys_db_object]

      • Field (Column): --None--

      • Required roles: the role created in step 1.

    Settings that take an asterisk (*) are dependent on their ServiceNow permission settings. If you experience problems, change * to None.

  5. Allow access to all tables: You should now allow access to all tables you want to extract. With the elevated role you can open access control lists (ACL). Here you need to create a new ACL with the following attributes:

    • Operation: read

    • Active: true

    • Name: the name of the table

    • Field (Column): all fields selected

    • Required roles: the role created in step 1.

  6. Repeat step 6 for all tables you want to extract.

For the latest ServiceNow documentation and the steps involved, see: ServiceNow - Product Documentation.

Creating a data connection between ServiceNow and the Celonis Platform

With access to the necessary ServiceNow user permissions, you can create a connection between your ServiceNow tenant and the Celonis Platform from your data pool diagram:

  1. Click Data Connections.

    data_connections_within_data_pool_diagram.png

  2. Click Add Data Connection and select Connect to Data Source.

  3. Select Cloud - ServiceNow.

  4. Configure the following connection details:

    • Name: An internal reference for this data connection.

    • Authentication method: Choose between basic authentication (with the username and password of the user created with necessary permissions) or OAuth. To authenticate via OAuth, you need to register Celonis as an application that has access to your account. If prompted for a redirect URL, use:

      https://auth.redirect.celonis.cloud/service-now_redirect

    • Tenant or URL: The realm of your ServiceNow instance. The realm can be found by looking at the system URL. For example, in this URL: https://mycompany.service-now.com, "mycompany" would be the realm.

  5. Click Test Connection and correct any issues highlighted.

  6. Click Save.

    The connection between your ServiceNow tenant and the Celonis Platform is establised. You can manage this connection at any time by clicking options:

    manage_existing_coupa_connection.png
Filtering ServiceNow data

When executing your ServiceNow extractions, you can filter the data you extract. However you can't use all combinations of AND / OR filters, so we recommend the following:

  • Option 1 AND Option 2, for example:

    sys_created_on > '2011-09-14' AND sys_updated_by = 'system'

  • Option 1 OR Option 2, for example:

    sys_created_on > '2011-09-14' OR sys_updated_by = 'system'

  • (Option 1 AND Option 2) AND Option 3, for example:

    (sys_created_on > '2011-09-14' AND sys_updated_by = 'system') AND sys_updated_on > '2018-12-05'(A AND B) AND C, example:

  • (Option 1 OR Option 2) OR Option 3, for example:

    (sys_created_on > '2011-09-14' OR sys_updated_by = 'system') OR sys_updated_on > '2018-12-05'

  • Option 1 OR (Option 2 AND Option 3), for example:

    sys_updated_by = 'system' OR (sys_created_on > '2011-09-14' AND sys_updated_on > '2018-12-05')