ServiceNow Capabilities
Last updated: October 8, 2024
After this article...
You'll understand the capabilities our ServiceNow integration provides, and how Lumos interacts with the ServiceNow API.
View users
The mapping between ServiceNow user statuses and Lumos user statuses is below.
ServiceNow User Status | Lumos Account Status |
active and not locked out | Active |
inactive or locked out | Suspended |
deleted (ServiceNow no longer returns a user) | Deprovisioned |
ServiceNow API endpoint: https://developer.servicenow.com/dev.do#!/reference/api/washingtondc/rest/c_TableAPI#table-GET?navFilter=now/table (we use sys_user as the table name)
View a user's entitlements
Lumos can retrieve the following user entitlements from ServiceNow.
Role - The user's ServiceNow granted and inherited roles.
ServiceNow API endpoints:
Role: https://developer.servicenow.com/dev.do#!/reference/api/utah/rest/c_user-role-inheritance-api#user_role_inher-GET?navFilter=user_role_inheritance (we get the roles from_role and from_group)
View a user's last login
In Lumos, the Last Login value represents the last time the user logged into ServiceNow.
ServiceNow API endpoint: https://developer.servicenow.com/dev.do#!/reference/api/washingtondc/rest/c_TableAPI#table-GET?navFilter=now/table (we use sys_user as the table name and get the last_login_time field)
Log to ITSM
More details on how we log tickets to ServiceNow can be found here:📄 ServiceNow ITSM Capabilities
Suspend a user
AppStore | Offboarding | Access Reviews | License Management |
N/A | ✅ | ✅ | ✅ |
In Lumos, suspending a ServiceNow user marks their Account Status as "Suspended".
In ServiceNow, this action locks the user out of their account. Locked out users cannot log into ServiceNow.
This action does not reclaim a license in ServiceNow.
ServiceNow API endpoint: https://developer.servicenow.com/dev.do#!/reference/api/washingtondc/rest/c_TableAPI#table-PUT?navFilter=now/table (we use sys_user as the table name and set the locked_out field on the user totrue)
Deprovision a user
AppStore | Offboarding | Access Reviews | License Management |
N/A | ✅ | ✅ | ✅ |
In Lumos, deprovisioning a ServiceNow user marks their Account Status as "Deprovisioned".
In ServiceNow, this action permanently removes the user and their data from ServiceNow. Their sys_id will be tied to events and records in ServiceNow but they will not have a user record.
This action reclaims a license in ServiceNow.
ServiceNow API endpoint: https://developer.servicenow.com/dev.do#!/reference/api/washingtondc/rest/c_TableAPI#table-DELETE?navFilter=now/table (we use sys_user as the table name)