In what cases is it possible to manage the ServiceNow role-assignment automatically from Okta? Skip to main content
https://support.okta.com/help/answers?id=906f0000000hzy7iac&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
chris ravnchris ravn 

In what cases is it possible to manage the ServiceNow role-assignment automatically from Okta?

This is about a situation where:
  1. Okta is integrated with an AD and also with ServiceNow (through SAML)
  2. Provisioning is enabled for the ServiceNow integration
  3. Users were already assigned to groups in ServiceNow before the integration was set up
The goals are:
  1. Maintain ServiceNow roles by assigning them to groups rather than individuals
  2. Make sure users can retain the ServiceNow roles that they have currently
  3. Automatically grant specific users some specific role(s) in ServiceNow
Especially the last point is important, and based on that we want users to be automatically assigned to groups (which have specific roles) based on some automated process.

However when I imported the groups and users from ServiceNow, I noticed that the groups were imported as empty and that I was not able to assign any users into them (Okta says that this is because it is managing the groups).

Is it possible to configure Okta to automatically assign users to specific ServiceNow groups? What Okta functionality can I use for this in this particular situation?
Drew PadorDrew Pador (Okta, Inc.)
Hello,

In order to get the users assigned to a group in ServiceNow you will need to configure Push Groups under the ServiceNow application settings in the Okta Admin console. Additional mappings for the AD groups would need to be considered, in which case I would suggest looking for the deploment and setup guides by logging into the Okta support site with your Okta Admin credentials.


Regards,
Drew Pador
Technical Support Engineer
Okta Inc. Logo