Integrating Server Suite with ServiceNow
Integration between Delinea Server Suite and ServiceNow enables centralized identity management and access control within the ServiceNow platform. Server Suite Privilege Access Request application is designed to serve as an integration between Delinea Server Suite, Privileged Access Service (PAS), and the ServiceNow platform.
Integration is intended for self-service users to request access through the Service Catalog, ITIL users to process the catalog task, and application administrators to configure and view dashboards, data, and logs regarding the application. Using PAS that is integrated with Server Suite you can request a Zone Role Workflow which will update the Server Suite Zone with a Role Assignment. The requesting user can log in and gain minimal privileges to the target or group of systems.
For details about supported Delinea Server Suite versions and which ServiceNow releases they're compatible with, see ServiceNow Release Integration Matrix.
REST API Features
- Server Suite REST API outbound integrations to sync accounts and resources through an hourly scheduled job so that the information is continued in ServiceNow. These integrations can also be triggered on demand through UI actions on their corresponding tables in the application.
- Server Suite REST API outbound integration gathers Delinea user data for their Delinea ID.
- Server Suite REST API outbound integration grants temporary or permanent account privilege access through the application catalog item workflow.
- Server Suite REST API outbound integration views the privileges the user currently has through the application catalog item workflow.
- Server Suite REST API outbound integration imitates the request for the user Delinea ID through the application catalog item workflow.
Performance Considerations
- The application utilizes REST-based web services for all integration points.
- Data is imported using import sets and transformed via transform maps.
-
The import set tables are indexed on their coalesce field(s) to optimize
performance and ensure duplicate records are not created.
- The user’s Delinea ID is stored on the sys_user table so that only one call ever needs to be made to the API to retrieve the ID. All subsequent use cases will retrieve the ID from the sys_user table.
- The user’s privileges are retrieved through the API on demand when submitting the catalog item as opposed to a scheduled job sync to avoid syncing large numbers of users. Instead, the privileges are retrieved in real-time as a user orders the catalog item.