We are trying for connection between ServiceNow Catalog and SailPoint.
As a prerequisite , I saw that the source has to be set up first, so we are trying to set up the servicenow governance connector first and we have followed the sailpoint documentation(link given below). However, we are seeing the below error message. Can you please advise what could be missing that is resulting in this error?
Error Received:
[ TimeoutException ] [ Possible suggestions ] a) Make sure ServiceNow instance is up and running. b) Make sure there is a smooth connectivity between Identity Server and ServiceNow instance. [ Error details ] Timeout occurred. Connection reset
You don’t have to set up the governance connector to use the service catalog connector. The governance connector is so that sailpoint can provision access in your servicenow tenant. If you aren’t having servicenow entitlements as requestable in the catalog integration, you don’t need it
If that was the case the response would be a 404 that it couldn’t find the API endpoint created on the servicenow instance that’s installed with the application
Hi @mcheek , looking at the prerequisites on the Service Catalog documentation page Prerequisites, the following point is listed : “A source of ServiceNow accounts that SailPoint can load account information from, so each account can be associated with an identity and access for each identity can be governed.”
The Sailpoint documentation doesn’t draw attention the use of ServiceNow governance connector as a source for this information.
“A source must be setup between ServiceNow and SailPoint to aggregate and correlate ServiceNow users with SailPoint identities”
With this said - I have found this connector to be an easy way to ingest this information (sys_id) into IDN for consumption by other processes.
Although @mcheek is correct that there are other ways to ingest this information, the integration does need a source of ServiceNow accounts.
@Laks1 Can I refer everyone back to your initial problem - have you managed to get the ServiceNow Governance connecter connected as your choice to source ServiceNow Accounts?
@mcheek, If you don’t need to setup Governance Connector before Service Catalog Integration, I have a question here. Who are the list of users that are shown in the ServiceNow Portal after Service Catalog Integration, when requesting for access? Will it list user account from ServiceNow only or will it list identities from SailPoint only, or both?
It first lists all active users in the ServiceNow sys_user table. Once you select a user and click “Next”, that is when it uses the field mapping you defined in the configuration to find that user identity in IdentityNow
This is an example of the mapping that’s defined in the configuration
Thank you for the quick reply, @mcheek !
In order for SailPoint to find that identity, shouldn’t that user account be already aggregated from ServiceNow into SailPoint? So, coming to that question of not needing Governance Connector setup, how will user account from ServiceNow be aggregated into SailPoint, in order for the above functionality to work?
The scenario you present assumes the only way an account can get into ServiceNow is if SailPoint creates it.
There are circumstances like my own where accounts get created in systems through a centralized personnel integration point (Mulesoft in my case). In that scenario, the governance connector is not required because all of your user accounts already exist in ServiceNow and IdentityNow because they both received the personnel data independently.
@mcheek, Got it. So if there is no other means of ingesting user accounts commonly between ServiceNow and SailPoint, then Governance Connector is required to sync user accounts between the 2 systems. Thank you for all the swift responses.
