Add a ServiceNow source
Add a ServiceNow source
In order for your support agents and customers to be able to view items from your ServiceNow instance in their query results, as a member of the Administrators or Content Managers built-in groups, you must create a ServiceNow source in your Coveo organization.
Notes
Regardless of whether you’re using the Coveo for ServiceNow integration, the procedure to create a ServiceNow source is as detailed in this article. |
To create a properly functioning ServiceNow source, you must:
Leading practice
The number of items that a source processes per hour (crawling speed) depends on various factors, such as network bandwidth and source configuration. See About crawling speed for information on what can impact crawling speed, as well as possible solutions. |
Source key characteristics
Features | Supported | Additional information | |
---|---|---|---|
ServiceNow version |
Latest cloud version |
Following available ServiceNow releases |
|
Indexable content |
items from any ServiceNow system table, such as:
|
||
By default, the refresh operation doesn’t take account of deleted records. |
|||
Content security options |
Coveo for ServiceNow only partially supports ServiceNow permissions. See "Content Security" tab for more information. |
||
Create a crawling account
Before you create your ServiceNow source, you must create a user in your ServiceNow instance that your source will use as a crawling account to retrieve your ServiceNow content and make it searchable.
-
Create a user in your ServiceNow instance that will be used as the crawling account. Make sure to:
-
Set the account Time Zone to GMT.
-
Set the account credentials based on the source credentials leading practices.
-
-
Grant the crawling account read access to your ServiceNow content. To do so, assign the crawling account one or more user roles that have read access to the following ServiceNow tables, including all the corresponding table rows (records) and columns (fields).
To make this task easier to manage, create a user role in ServiceNow, such as coveo_crawling, that’s used only to provide read access to the crawling account, and then assign the user role to the following tables and tables rows as well as to the crawling account.
NoteThe following tables must have access to web services. Ensure that the Allow access to this table via web services checkbox is enabled for the table in the Application Access tab in ServiceNow.
-
All the tables that you choose to index for your ServiceNow source.
-
All the following ServiceNow tables, including all the corresponding table rows (records) and columns (fields):
Purpose Table Global
sys_db_object
sys_dictionary
sys_group_has_role
sys_properties
sys_security_acl
sys_security_acl_role
sys_user
NoteTo support locked-out ServiceNow users in your search interface, you must also grant the crawling account specific access to the
locked_out
field in thesys_user
table.sys_user_grmember
sys_user_has_role
sys_user_role
Domain Separation
NoteRequires the Domain Separation plugin.
domain
domain_contains
Service Catalog and Knowledge Base
kb_uc_can_contribute_mtom
kb_uc_can_read_mtom
kb_uc_cannot_read_mtom
sc_cat_item_user_criteria_mtom
sc_cat_item_user_criteria_no_mtom
sc_category
sc_category_user_criteria_mtom
sc_category_user_criteria_no_mtom
user_criteria
-
-
Grant the crawling account access to locked-out user data in ServiceNow.
-
(Optional) Set additional settings.
Support locked-out users
Your Coveo-powered search interface supports locked-out ServiceNow users. This means that users that are locked-out of their ServiceNow account won’t be able to access ServiceNow content in your search interface.
To configure support for locked-out users, you must grant the crawling account specific access to the locked_out
field in the sys_user
table via an access control list (ACL).
You must still grant the crawling account specific access to the This is because an ACL already exists by default in ServiceNow that limits access to the If your crawling account is an admin account, the default ACL already gives the account access so no further action is required. |
Create an ACL rule in your ServiceNow instance with the following configuration:
Type: record
Operation: read
Table: User (sys_user)
Field: Locked out (locked_out)
Requires role: <A role that's assigned to the crawling account>
Optional settings
-
For added security, enable the Web Service Access Only field for the crawling account. This sets the crawling account as a non-interactive account in ServiceNow.
-
By default, the crawler retrieves changes in content state, such as from "Published" to "Retired". To retrieve deletions of records as well:
-
Grant the crawling account read access to the
sys_audit_delete
table. -
After you create your ServiceNow source:
-
On the Sources (platform-ca | platform-eu | platform-au) page, click the ServiceNow source and then click More > Edit configuration with JSON in the Action bar.
-
In the Edit configuration with JSON panel that opens, set the
FetchDeletedRecords
parameter value totrue
, and then click Save.
-
-
Add a ServiceNow source
Notes
Regardless of whether you’re using the Coveo for ServiceNow integration, the procedure to create a ServiceNow source is as detailed in this article. |
-
Ensure that you’ve created a crawling account.
-
On the Sources (platform-ca | platform-eu | platform-au) page, click Add source, and then click ServiceNow.
Leading practiceIt’s best to create or edit your source in your sandbox organization first. Once you’ve confirmed that it indexes the desired content, you can copy your source configuration to your production organization, either with a snapshot or manually.
See About non-production organizations for more information and best practices regarding sandbox organizations.
-
Specify your source settings on the Add a ServiceNow source page. Refer to the following sections for detailed information on the source settings:
Note
You can save your source settings at any time by clicking Add and build source/Add source, or Save and rebuild source/Save. By default, a ServiceNow source starts a rescan every day to retrieve ServiceNow content changes, such as item additions, modifications, and deletions. However, you can edit your source rescan schedule. |
"Configuration" tab
On the Add a ServiceNow source page, the Configuration tab is selected by default. It contains your source’s general information, as well as other parameters.
General information
Source name
Enter a name for your source.
Leading practice
A source name can’t be modified once it’s saved, therefore be sure to use a short and descriptive name, using letters, numbers, hyphens ( |
Instance URL
Enter your instance URL.
Your instance URL is https://myinstance.service-now.com
.
Optical character recognition (OCR)
If you want Coveo to extract text from image files or PDF files containing images, enable the appropriate option.
The extracted text is processed as item data, meaning that it’s fully searchable and will appear in the item Quick view. See Enable optical character recognition for details on this feature.
Project
If you have the Enterprise edition, use the Project selector to associate your source with one or multiple Coveo projects.
"Authentication" section
Select an authentication option:
-
If you select OAuth 2.0, which is the most secure and therefore recommended option:
-
Click Authorize Account.
-
In the Sign in to ServiceNow window that appears, enter your ServiceNow Instance URL, Client Id, and Client Secret, and then click Authorize.
Leading practiceYou can find the client ID and client secret in the Coveo application registry in ServiceNow as follows:
-
In the Now Platform UI of your ServiceNow instance, navigate to System OAuth > Application Registry.
-
In the Applications Registries list, click the Coveo registry.
-
To view the client secret, switch the instance application to AI-Powered Search & Recommendations by Coveo in the ServiceNow banner, and then click next to the Client Secret field.
-
-
In the ServiceNow window that appears, do one of the following:
-
If a login screen appears, enter the credentials of your source crawling account, and then click Login.
-
If a login screen doesn’t appear, ensure that the username that appears at the top of the ServiceNow window corresponds to your source crawling account. If it doesn’t correspond, click Not You?, enter the credentials of your crawling account, and then click Login.
-
-
Click Allow.
-
Note
Once you’ve authorized your account, the OAuth 2.0 handshake must be refreshed once in a while. The default lifespan of a token is two years, but ServiceNow allows you to change this duration. |
-
If you select Basic authentication, enter the Username and Password of a dedicated ServiceNow account that has access to the content you want to make searchable. See Source Credentials Leading Practices.
"Content security" tab
Select who will be able to access the source items through a Coveo-powered search interface. For details on this parameter, see Content security.
Note
Coveo for ServiceNow only partially supports ServiceNow permissions. If you select the Same users and groups as in your content system option, keep in mind that:
|
When using the Everyone content security option, see Safely apply content filtering for information on how to ensure that your source content is safely filtered and only accessible by intended users. |
"Access" tab
In the Access tab, specify whether each group (and API key, if applicable) in your Coveo organization can view or edit the current source.
For example, when creating a new source, you could decide that members of Group A can edit its configuration, while Group B can only view it.
For more information, see Custom access level.
"Content to include" tab
These settings determine which items and metadata your Coveo for ServiceNow source indexes.
Default configuration
When you create a new ServiceNow source, the source is preconfigured to retrieve metadata from certain basic tables and fields. However, we recommend that you modify the default configuration to suit your needs.
Leading practice
|
The following table lists the ServiceNow tables that are indexed by default:
Item | Table label | Table name |
---|---|---|
Incidents |
Incident |
|
Problems |
Problem |
|
Knowledge base articles |
Knowledge |
|
Catalog items |
Catalog Item |
|
Catalog tasks |
Catalog Task |
|
Modify the source index configuration
This section describes how to select the objects and metadata that your Coveo for ServiceNow source indexes.
-
In your ServiceNow source, select the Content to include tab.
1
The system table list shows the tables that are available in the ServiceNow instance that you specified for the Instance URL field.
2
The column (fields) list shows the table fields, including fields from referenced tables, that correspond to the currently highlighted system table in the system table list.
Leading practice-
Set the View filter to Selected in the table list header to view only the tables that are currently set to be indexed by your source.
-
If your ServiceNow instance tables don’t appear in the Content to include tab, click Add source, and then re-open your source.
From the Content to include tab, you can:
-
Enable or disable a system table. Your source indexes the metadata for a table only when the table is selected.
-
Enable or disable fields for a system table. Your source indexes the metadata only from selected fields when the associated system table is enabled. You should limit the number of fields to retrieve to reduce the request payload and improve the general performance of the connector.
-
Apply a query to a selected system table to index or exclude specific records.
-
-
To enable or disable a system table:
-
In the left pane, enter the table label or name in the search field to locate the system table in the list.
-
Check or clear the Select box for the table to enable or disable the table respectively.
NoteIf you’re using knowledge blocks in your ServiceNow instance, and your ServiceNow source is configured to index knowledge articles, the ServiceNow source automatically indexes the content of knowledge blocks that are included in knowledge articles. For more information, see Index ServiceNow knowledge blocks.
-
-
To select the table fields to index:
-
If required, locate and click the corresponding system table in the left pane to open the corresponding column (field) list in the right pane. You must enable a system table to select its fields.
-
In the right pane, enter the column label or name in the search field to locate the field in the list.
-
Check or clear the Select box for the field to enable or disable the field respectively. Some essential system fields are always indexed by Coveo and can’t be disabled, such as
sys_id
andsys_updated_on
. For reference fields, you can select the field to index the corresponding metadata, and then expand the field to also index a specific field from the referenced table.ExampleFor the
author
field, you choose to index metadata from thename
field from the referenced table as follows:The extracted metadata for a field in a referenced table is always prefixed with the reference field (key). In this example, the extracted metadata is
author.name
.NoteTo index fields in child tables that aren’t, included in the parent table, see Index child-only table fields.
-
-
To apply or edit a query for the table:
-
If required, locate and click the corresponding system table in the left pane to open the corresponding column list in the right pane. You must enable a system table to apply or edit a table query.
-
Click Query in the column list header, and then enter or edit the query expression in the text field using ServiceNow syntax. For example, enter
workflow_state=published
to retrieve only the table objects whose state is "Published".
NoteA view icon appears next to Query when the table contains a query expression.
-
-
Click Save and rebuild source/Save.
NoteYour ServiceNow source doesn’t automatically delete a field or its mapping rule if you choose to no longer index that field. Unused fields don’t impact your Coveo organization negatively, however you can choose to delete unused fields. Default Coveo fields, however, can’t be deleted. To delete an unused field, access the mapping panel for your source, locate and click the field mapping rule, and then click Delete. Then, delete the field from the Coveo index.
Index child-only table fields
When you choose to index a table that has one or more child tables, Coveo automatically indexes all child tables. However, if a child table has a field that’s not included in the parent table, Coveo doesn’t automatically index that child table field. To index a field that’s specific to a child table, you must exclude the child table from the parent table, and then index the child table separately. To do so:
-
In your ServiceNow source, select the Content to include tab.
-
In the left pane, enter the parent table label or name in the search field to locate the system table in the list.
-
Click the parent table to open the corresponding column list in the right pane.
-
Click the Query icon in the column list header.
-
In the query filter text field, exclude the child table objects from the parent table by entering the expression
sys_class_name!=<TABLE_NAME>
, whereTABLE_NAME
is the child table to exclude. To exclude multiple child tables, use^
to separate the table entries, such as"sys_class_name!=<TABLE_NAME>^sys_class_name!=<TABLE_NAME>"
. For example, to exclude the child tablesincident
andchange_request
, enter"sys_class_name!=incident^sys_class_name!=change_request"
. -
Index the child table separately as follows:
-
In the left pane, enter the child table label or name in the search field to locate the table in the list.
-
Enable the child table.
-
Click the child table to open the corresponding column list, and enable the fields that you want to index.
-
Build or rebuild your source
You must build the source in order for Coveo to retrieve the source content and apply changes to your source settings. You can build or rebuild your source as follows:
-
You can choose to build when saving the source by clicking Add and build source/Save and rebuild source.
-
If you chose not to build when saving your source settings, you can build your source directly from the Sources (platform-ca | platform-eu | platform-au) page by clicking Launch build or Start required rebuild in the Status column for your source. If Launch build or Start required rebuild doesn’t appear on the Sources (platform-ca | platform-eu | platform-au) page for your source, click the source, and then click More > Rebuild in the Action bar.
Once the source is built, you can review its content in the Content Browser.
Note
By default, a ServiceNow source starts a rescan every day to retrieve ServiceNow content changes, such as item additions, modifications, and deletions. However, you can edit your source rescan schedule. |
About source fields and mappings
Your ServiceNow source automatically includes mapping rules for the system table fields that are indexed by default.
If you choose to index non-default fields, your ServiceNow source automatically creates the field in the Coveo index, as well as the associated mapping rule in your source.
All fields are created using the ServiceNow prefix sn
followed by the fieldname
, and the mapping rule is set based on the fieldname metadata.
You choose to index a field named closed_by
.
Your ServiceNow source creates a field named snclosedby
with its mapping rule set to %[closed_by]
.
Verify and edit your source field mappings
The default mapping rules are suitable in most instances, however you can modify the mappings as required.
In your ServiceNow source, the title
field is mapped with the following rule: %[uri]
.
As a result, in your search interface, this item has a URL in place of its title.
This makes it difficult for a search interface user to know at a glance whether this item is relevant to their query.
Therefore, you could change the title
field mapping rule to %[title]
or %[short_description]
so that Coveo extracts a title or a description to display instead.
Do one or both of the following to verify and edit your field mappings:
-
Access the mapping panel for your source, and then review and edit the mappings as required.
-
Build your source, use the Content Browser (platform-ca | platform-eu | platform-au) to inspect the source content, and then edit the mappings as required.
Create additional source fields and mappings (optional)
In certain situations, you may want to create a field in addition to the fields that are created automatically by your source. For example, you may want to create a field that’s used across many sources and mapped to different metadata for each source, or you may want to create a field that aggregates many metadata for a single source.
To create additional fields and mappings:
-
Add a field to the Coveo index manually.
-
Create a mapping rule in each source that you want to use the new field.
Safely apply content filtering
The best way to ensure that your indexed content is seen only by the intended users is to enforce content security by selecting the Same users and groups as in your content system option. Should this option be unavailable, select Specific users and groups instead.
However, if you need to configure your source so that the indexed source content is accessible to Everyone, you should adhere to the following leading practices. These practices ensure that your source content is safely filtered and only accessible by the appropriate users:
-
Plan for query pipelines by establishing a widget naming convention.
-
Configure query filters in ServiceNow for your widgets.
-
Configure your query pipelines for use with the Coveo widgets by applying a condition to make sure that every query originating from a specific search hub is routed to the right query pipeline. For more information, see the corresponding article:
-
Configure the search token: Authenticate user queries via a search token that’s generated server side that enforces a specific search hub.
Following the above leading practices results in a workflow whereby the user query is authenticated server side via a search token that enforces the search hub from which the query originates. Therefore, the query can’t be modified by users or client-side code. The query then passes through a specific query pipeline based on a search hub condition, and the query results are filtered using the filter rules.
Configure the search token
When using query filters to secure content, the safest way to enforce content security is to authenticate user queries using a search token that’s generated server side. For instance, when using this approach, you can enforce a search hub value in the search token. This makes every authenticated request that originates from a component use the specified search hub, and therefore be routed to the proper query pipeline. Because this configuration is stored server side and encrypted in the search token, it can’t be modified by users or client-side code.
Implementing search token authentication requires you to add server side logic to your web site or application. Therefore, the actual implementation details will vary from one project to another.
The following procedure provides general guidelines:
-
Authenticate the user.
-
Call a service exposed through Coveo to request a search token for the authenticated user.
-
Specify the
userIDs
for the search token, and enforce asearchHub
parameter in the search token.
Note
You can specify other parameters in the search token, such as a query |
For more information and examples, see Search token authentication.
Required privileges
You can assign privileges to allow access to specific tools in the Coveo Administration Console. The following table indicates the privileges required to view or edit elements of the Sources (platform-ca | platform-eu | platform-au) page and associated panels. See Manage privileges and Privilege reference for more information.
Note
The Edit all privilege isn’t required to create sources. When granting privileges for the Sources domain, you can grant a group or API key the View all or Custom access level, instead of Edit all, and then select the Can Create checkbox to allow users to create sources. See Can Create ability dependence for more information. |
Actions | Service | Domain | Required access level |
---|---|---|---|
View sources, view source update schedules, and subscribe to source notifications |
Content |
Fields |
View |
Sources |
|||
Organization |
Organization |
||
Edit sources, edit source update schedules, and edit source mappings |
Organization |
Organization |
View |
Content |
Fields |
Edit |
|
Sources |
|||
View and map metadata |
Content |
Source metadata |
View |
Fields |
|||
Organization |
Organization |
||
Content |
Sources |
Edit |