| Info |
|---|
This article explains how to set up the Cloudaware application in ServiceNow. Cloudaware extends the Configuration Item table in ServiceNow with additional cloud inventory data. |
...
3. Сontact support@cloudaware.com to get credentials required for this integration (Service Account private key & password, the certificate file, Import Project Id, and Import Dataset Id).
...
Set up ServiceNow-to-Google integration
Сreate 1. Set up JWT key(1a) & JWT certificate(2b) in ServiceNow:
1) a. Go to All → System oAuth OAuth → JWT Keys. Click New.
<...>
Set WHERE
Name: set up a meaningful name, e.g. Google JWT Key
Signing Key: insert the password provided by Cloudaware
Signing Keystore: click the magnifier icon (signing key = password,
...
Lookup using list) to create a new signing keystore - see the point b. below
b. In a pop-up window, click New to create a JWT certificate that will serve a signing keystore:
Set <…>
WHERE
Name: set up a meaningful name, e.g. Google JWT Certificate -> select ‘java key store’
Type: select 'Java Key Store' from the list, use the same password in key store password, attach the previously downloaded certificate -> Submit (the pop-up window closes)
Go back to adding a JWT key: in Signing Keystore select the created keystore (click the certificate name ‘Google JWT Certificate’ in the the pop-up window) -> Submit.Сreate JWT Provider in ServiceNow:
All -> System oAuth -> JWT providers -> New
Set
Key store password: insert the password provided by Cloudaware
Click the paper clip icon (Manage attachments) to attach the certificate file provided by Cloudaware.
Click Submit.
c. Go back to setting up the JWT key. In Signing Keystore, click the magnifier icon (Lookup using list) and click the certificate name Google JWT Certificate in the pop-up window.
Click Submit.
2. Сreate JWT Provider:
Go to All → System OAuth → JWT Providers. Click New.
<…>
WHERE
Name: set up a meaningful name, e.g. Google JWT Provider
in Signing configuration, Signing Configuration: click the magnifier icon (Lookup using list) and select the created key (Google JWT Key) Key from the list
Click the name of the provider. Select the tab 'Standard Claims'. Set the following values for:
( iss - the service account email address provided by Cloudaware
sub - service account email address provided by Cloudaware
aud - token https://oauth2.googleapis.com/token
-> updateСreate Application Registry in ServiceNow:
All -> System oAuth -> Application Registry -> New
Select
<…>
Click Update.
3. Сreate Application Registry:
Go to All → System OAuth → Application Registry.
Click New → select Connect to a third party OAuth Provider from the list.
<…>
WHERE
Client ID: set up as notneeded
Client secret: set up as notneeded
Token: click the lock icon to insert https://oauth2.googleapis.com/token -> → click the lock icon again to save.
Default grant type: select JWT Bearer
Click Submit.
By doing all this, you create an oAuth Entity Profile (ignore errors)
Drill into the profile (by clicking its name)
In JWT Provider select Google JWT Provider from the list
Click Update.Go back to JWT Provider -> select Google JWT Provider from the list. Select the tab Custom Claims. Click plus sign to add a new claim: scope - string - https://www.googleapis.com/auth/bigqueryAll -> type Connections & Credentials (under IntegrationsHub). Select Credentials. New
Select OAuth 2.0 Credentials from the list. For the oAuth Entity Profile, select Google JWT Profile created earlier. Save.
Click Get OAuth Token to test the connection.Go to Connections & Credentials Aliases. New. Set the name as Google JWT and save. In the table below, click New to create a HTTP(s) Connection. For the Credential, select JWT Credentials record created earlier.
Check the box URL builder - in Host input the link http://bigquery.googleapis.com; in Base path input the link - /bigquery/v2/
Save.
...