Integrating OpenIAM with ServiceNow

ServiceNow (SNOW), a cloud-based IT Service Management platform, is widely used by many of OpenIAM's enterprise customers. These organizations rely heavily on SNOW as their core system for enabling end-users to request services and for IT to efficiently manage and fulfill these requests. 

OpenIAM enhances this ecosystem with its robust access request functionality within its self-service portal. Here, end-users can browse a service catalog to request access, encountering two types of entitlements: Automated and Manual. Automated entitlements are linked to systems directly connected to OpenIAM, while Manual entitlements apply to systems without an existing OpenIAM connector, requiring manual fulfillment. 

For organizations already leveraging SNOW, there's a preference to manage these manual requests directly through SNOW tickets. This integrates seamlessly with their IT operations, allowing teams to operate within a unified platform. Our latest integration strategies between OpenIAM and SNOW cater to this need, streamlining manual request fulfillment in a more cohesive, efficient manner. 

Creating Tickets in ServiceNow

SNOW offers two primary methods for generating tickets from external sources: 

• Email Integration: Users can send an email with the necessary ticket details to a dedicated mailbox monitored by SNOW. The email must adhere to a specific format that SNOW can recognize. Upon receipt, SNOW parses the email's contents to create a ticket within the system. 
• API Integration: Tickets can be directly created using the SNOW API. This method is activated once a user submits a request and all necessary approvals are obtained. OpenIAM then employs the API to generate a ticket. 
  

Many customers prefer the simplicity of the email method, as it can be easily set up by their SNOW administration teams. However, for our larger clients, we have established integrations using the SNOW API due to its distinct advantages: 

• Enhanced Precision: The API eliminates the potential for errors associated with email parsing, ensuring improved accuracy and consistency in ticket creation. 
• Greater Customization: The API provides the ability to specify ticket categories, set priorities, and adjust other ticket attributes, offering a level of flexibility not possible with email integration. 
• Immediate Performance: API integration results in the instantaneous creation of tickets, bypassing the delays inherent to email server processing and parsing times. 
• Robust Error Handling: Immediate detection and resolution of issues are possible with API usage if ticket creation encounters an error, an improvement over the reactive nature of email-based troubleshooting. 

Overall, while email integration is straightforward, API integration offers a more reliable, efficient, and sophisticated approach to ticket creation in SNOW, suitable for enterprises that require a high degree of automation and control. 

Monitoring Ticket Status in ServiceNow

In the upcoming OpenIAM v4.2.2 release, we've enhanced our API-based integration to empower users with real-time ticket monitoring within ServiceNow through OpenIAM. This update brings a host of new capabilities: 

• Ticket ID Storage: Whenever a ticket is created in ServiceNow via OpenIAM, the associated ServiceNow ticket ID is now captured and stored within the corresponding OpenIAM request. This allows for a seamless connection between the request and its execution status. 
• Status Monitoring: OpenIAM actively tracks the status of each ticket, providing requesters with live updates. Users can view the progress of their ticket — knowing exactly when it's being addressed, when it has been resolved, or if it has been cancelled. 
• Self-Service Portal Interactions: The OpenIAM self-service portal has been upgraded to offer more control. Requestors now have the ability to cancel their ServiceNow requests directly from within the portal. 

These improvements are geared towards enhancing transparency and control for end-users, ensuring they are kept informed and engaged with the status of their service requests within ServiceNow. 

ServiceNow Integration Roadmap

In our ongoing dialogue with clients, we have identified a small but significant trend: Some organizations wish to centralize their request and approval processes within ServiceNow, using OpenIAM solely for the execution of approved provisioning and deprovisioning tasks. Often, this direction is part of a strategic mandate from senior leadership to consolidate all request workflows through ServiceNow. However, several critical considerations arise with this approach: 

• Service Catalog Integration: The comprehensive service catalog functionality within OpenIAM must be replicated within ServiceNow. This involves importing an extensive array of entitlements, permissions, and detailed approval workflows that require ongoing management. Even at mid-sized organizations, this can involve integrating over 50 applications, and at larger organizations, it's hundreds. 
• Catalog Maintenance: The dynamic nature of entitlements, such as the frequent creation of new Active Directory groups or shared folders, necessitates continuous updates within ServiceNow to reflect these changes. 
• Adaptability and Cost: Any solution must be agile enough to evolve with business needs while considering the implications on the total cost of ownership. 
• Audit Trail Consolidation: With request and approval events logged in ServiceNow and fulfillment actions recorded in OpenIAM, meeting audit requirements like SOC 2 becomes more complex, as it requires a unified view of all events across both platforms.

To address these challenges, OpenIAM is excited to announce the upcoming features in the version 4.3 release: 

• Integrated Service Catalog: A native Service Catalog solution within ServiceNow will allow end-users to seamlessly request access to entitlements. Behind the scenes, this module will leverage the OpenIAM API to retrieve relevant application, entitlement, and approval process information. 
• Unified Fulfillment and Logging: Post-approval, requests will be dispatched to OpenIAM for fulfillment. Moreover, audit logs from ServiceNow will be integrated into OpenIAM, creating a single repository for all audit events, simplifying compliance reporting, and management. 

This strategic update aims to not only refine the user experience for organizations moving towards ServiceNow centralization but also to substantially reduce the total cost of ownership. By simplifying audit processes and providing on-demand access to required information, OpenIAM sets the stage for a more efficient and compliant future. 

Conclusion

In summary, the enhanced integration of OpenIAM with ServiceNow in the upcoming v4.3 release represents a significant step forward in IT service management. This partnership focuses on simplifying the user experience, streamlining service request and approval processes, and reducing the overall cost of system maintenance and compliance. 

With OpenIAM's advanced API integration for ticket creation and monitoring in ServiceNow, we provide a solution that is not only more accurate and efficient but also offers a degree of customization and error handling that email integration cannot match. This ensures that enterprises can maintain a high degree of automation and control over their IT service processes. 

The enhancements in the new release are a direct response to the needs of our clients who require a centralized, ServiceNow-driven request workflow, coupled with the robust fulfillment capabilities of OpenIAM. By consolidating audit logs and offering a unified service catalog, we're making IT service management more cohesive and cost-effective. 

As the landscape continues to evolve, OpenIAM is committed to delivering solutions that empower our clients with the tools they need for success. We look forward to the rollout of these new features and to the continued partnership with our clients in achieving a more streamlined and compliant IT service environment.