ServiceNow: Configuring API access
This section will walk you through how to enable and authorize API access for ServiceNow. Forcepoint ONE SSE does API scanning for ServiceNow via OAuth token as an OAuth client application using the endpoints for external clients method.
The OAuth client application uses the client key and client secret during the token authorization to identify the app and then a user must login to authorize and permit token generation. You will need to make sure you have an account with the proper permission to first create the OAuth token and then an account with the proper read permissions to authorize the API connection. The first section will walk you through creating the proper accounts and needed permissions while the section after will walk you through how to setup the API integration.
Forcepoint ONE SSE can also use this API setup to scan ServiceNow for security misconfigurations (SSPM). Complete the steps below first to enable API scanning and then follow the steps on the ServiceNow: Enabling SSPM scanning.