Skip to main content

ServiceNow Platform MCP Server

Create a powerful Model Context Protocol (MCP) server for ServiceNow in minutes with our AI Gateway. This guide walks you through setting up seamless ServiceNow integration with enterprise-grade security and instant OAuth authentication.

About ServiceNow Platform API

ServiceNow is the leading digital workflow platform that makes work, work better for people. Used by over 7,400 enterprises, ServiceNow provides comprehensive IT service management and beyond:

  • Incident Management: Create, track, and resolve IT incidents
  • Problem Management: Root cause analysis and permanent fixes
  • Change Management: Plan, approve, and implement changes
  • Service Catalog: Self-service portal for IT services
  • CMDB: Configuration management database
  • Knowledge Management: Centralized knowledge base
  • Workflow Automation: Visual workflow designer
  • Virtual Agent: AI-powered conversational interfaces

Key Features

  • REST API: Comprehensive RESTful interface
  • Table API: Direct access to ServiceNow tables
  • Scripted REST APIs: Custom API endpoints
  • GraphQL API: Flexible data queries
  • Rate Limiting: Instance-specific limits
  • Batch API: Process multiple operations
  • Attachment API: File upload/download
  • Import Set API: Data transformation

What You Can Do with ServiceNow MCP Server

The MCP server transforms ServiceNow's API into a natural language interface, enabling AI agents to:

Incident & Request Management

  • Smart Incident Handling

    • "Create a P1 incident for the database outage"
    • "Find all incidents affecting the payment system"
    • "Escalate incidents breaching SLA to managers"
    • "Auto-assign incidents based on CI ownership"

  • Service Request Automation

    • "Process all laptop requests from new hires"
    • "Route software requests to appropriate teams"
    • "Check approval status for pending requests"
    • "Bulk approve standard catalog items"

  • Intelligent Routing

    • "Assign incidents based on skillset and availability"
    • "Route VIP tickets to senior technicians"
    • "Distribute workload across support teams"
    • "Escalate based on impact and urgency"

Change & Release Management

  • Change Operations

    • "Create emergency change for security patch"
    • "Find all changes scheduled for this weekend"
    • "Check for conflicting changes on critical systems"
    • "Generate change advisory board agenda"

  • Release Planning

    • "List all releases for Q1 2025"
    • "Track release readiness status"
    • "Identify dependencies between releases"
    • "Generate release notes from completed changes"

  • Risk Assessment

    • "Analyze risk scores for pending changes"
    • "Find high-risk changes without backout plans"
    • "Check change success rates by type"
    • "Identify frequently failing changes"

CMDB & Asset Management

  • Configuration Items

    • "Update server configurations after migration"
    • "Find all CIs related to the CRM application"
    • "Track relationships between infrastructure components"
    • "Identify orphaned configuration items"

  • Asset Lifecycle

    • "List all assets nearing end of warranty"
    • "Track software license compliance"
    • "Find unused assets for reallocation"
    • "Generate asset refresh reports"

  • Dependency Mapping

    • "Show all dependencies for critical services"
    • "Identify single points of failure"
    • "Map application-to-infrastructure relationships"
    • "Visualize service impact analysis"

Analytics & Reporting

  • Performance Metrics

    • "Generate SLA compliance report for last month"
    • "Show MTTR trends by assignment group"
    • "Analyze incident volume by category"
    • "Track first-call resolution rates"

  • Capacity Planning

    • "Forecast ticket volume for next quarter"
    • "Analyze resource utilization by team"
    • "Identify peak demand periods"
    • "Plan staffing based on historical data"

  • Business Intelligence

    • "Calculate cost per incident by service"
    • "Show ROI of automation initiatives"
    • "Track customer satisfaction trends"
    • "Generate executive dashboards"

Automation & Orchestration

  • Workflow Automation

    • "Create automated remediation workflows"
    • "Build approval chains for requests"
    • "Design escalation procedures"
    • "Implement auto-assignment rules"

  • Integration Orchestration

    • "Sync incidents with external monitoring tools"
    • "Update CMDB from discovery sources"
    • "Integrate with collaboration platforms"
    • "Connect to third-party ticketing systems"

  • Virtual Agent Enhancement

    • "Train virtual agent on new scenarios"
    • "Create conversation flows for common requests"
    • "Analyze virtual agent effectiveness"
    • "Route complex queries to human agents"

Knowledge Management

  • Knowledge Base Operations

    • "Create KB articles from resolved incidents"
    • "Find relevant solutions for current problems"
    • "Update outdated documentation"
    • "Track article effectiveness metrics"

  • Self-Service Enablement

    • "Suggest articles based on incident description"
    • "Auto-link knowledge to similar tickets"
    • "Generate FAQs from frequent incidents"
    • "Measure deflection rates"

Prerequisites

  • Access to Cequence AI Gateway
  • ServiceNow instance (any supported version)
  • Admin role or oauth_admin role
  • OAuth application registration capability

Step 1: Create ServiceNow OAuth Application

Before setting up the MCP server, you need to create an OAuth application in ServiceNow.

1.1 Access ServiceNow Instance

  1. Log in to your ServiceNow instance as an administrator
  2. Navigate to System OAuth Application Registry
  3. Click New Create an OAuth API endpoint for external clients

1.2 Configure OAuth Application

  1. Fill in the application details:

    • Name: "AI Gateway MCP Integration"
    • Client ID: Auto-generated (note this down)
    • Client Secret: Click lock icon to generate (save securely)
    • Redirect URL: 
      https://auth.aigateway.cequence.ai/v1/outbound/oauth/callback

  2. Set additional properties:

    • Refresh Token Lifespan: 8,640,000 (100 days)
    • Access Token Lifespan: 1,800 (30 minutes)
    • Active: True

  3. Click Submit to save

1.3 Configure OAuth Entity Scopes (Optional)

For granular permissions:

  1. Navigate to System OAuth Entity Scopes
  2. Create scopes for specific tables/operations
  3. Associate scopes with your OAuth application

1.4 Set User Access

  1. Ensure integration user has appropriate roles:
    • rest_api_explorer
    • itil (for ITSM operations)
    • Table-specific access as needed

Step 2: Access AI Gateway Apps

  1. Log in to your Cequence AI Gateway dashboard
  2. Navigate to Apps in the left sidebar
  3. You'll see the list of available third-party applications

Step 3: Find and Select ServiceNow API

  1. In the Apps section, browse through the Third-party category
  2. Look for ServiceNow Platform or use the search function
  3. Click on the ServiceNow API card to view details

The ServiceNow API card shows:

  • Number of available endpoints
  • Integration capabilities
  • Quick description of functionality

Step 4: Create MCP Server

  1. Click the Create MCP Server button on the ServiceNow API card
  2. You'll be redirected to the MCP Server creation wizard

Step 5: Configure API Endpoints

In the App Configuration step:

  1. Base URL format: https://{instance}.service-now.com
  2. Select API endpoints to expose to your MCP server based on your needs
  3. Click Next to proceed

Step 6: MCP Server Basic Setup

Configure your MCP server details:

  1. MCP Server Name: Enter a descriptive name

    • Example: "ServiceNow ITSM Automation"
    • This name will identify your server in the dashboard

  2. Description (Optional): Add details about the server's purpose

    • Example: "Automated IT service management and workflow orchestration"

  3. Production Mode: Toggle based on your needs

    • ON for production environments
    • OFF for development/testing

  4. Click Next to continue

Step 7: Configure Authentication

This is where you'll use your ServiceNow OAuth credentials:

  1. Authentication Type: Select OAuth 2.0

  2. Fill in the OAuth configuration:

    • Authorization URL: 
      https://{instance}.service-now.com/oauth/authorize
    • Token URL: 
      https://{instance}.service-now.com/oauth_token.do
    • Client ID: Paste from ServiceNow OAuth application
    • Client Secret: Paste from ServiceNow OAuth application
    • Redirect URI: 
      https://auth.aigateway.cequence.ai/v1/outbound/oauth/callback

  3. Scopes: Select from the available ServiceNow scopes (see next section)

Available ServiceNow OAuth Scopes

Configure the appropriate scopes based on your application needs:

Core Access

  • read

    • Read access to all authorized tables
    • View records and configurations
    • Access reports and dashboards
    • Query data via REST API

  • write

    • Create and update records
    • Execute business rules
    • Trigger workflows
    • Full CRUD operations

  • admin

    • Administrative operations
    • System configuration changes
    • User and group management
    • Advanced settings access

Module-Specific Scopes

  • itsm:read

    • Read ITSM module data
    • View incidents, problems, changes
    • Access service catalog
    • Read knowledge articles

  • itsm:write

    • Create and update ITSM records
    • Execute workflows
    • Manage approvals
    • Update CMDB

  • itsm:admin

    • ITSM administration
    • Configure workflows
    • Manage SLAs
    • Setup automation

Additional Scopes

  • itom:read / itom:write / itom:admin

    • IT Operations Management
    • Event management
    • Discovery operations
    • Orchestration

  • hrsd:read / hrsd:write / hrsd:admin

    • HR Service Delivery
    • Employee requests
    • HR cases
    • Knowledge management

  • csm:read / csm:write / csm:admin

    • Customer Service Management
    • Customer cases
    • Service entitlements
    • Customer portal

For ITSM Operations:

read
write
itsm:read
itsm:write

For Full Platform Access:

read
write
admin

For Read-Only Reporting:

read
itsm:read

Step 8: Configure Security

Set up API protection features:

  1. API Protection: Toggle ON to enable

    • Protects against bot attacks, DDoS, and threats
    • Monitors for suspicious activity
    • Rate limiting and anomaly detection

  2. Protection Features (when enabled):

    • Auto-scaling protection
    • Managed infrastructure
    • Built-in monitoring
    • Zero maintenance required

  3. Click Next to continue

Step 9: Choose Deployment Method

Select your deployment preference:

  • Fully managed deployment
  • Automatic scaling and monitoring
  • Built-in high availability
  • Features included:
    • Auto-scaling
    • Managed infrastructure
    • Built-in monitoring
    • Zero maintenance

Option B: Deploy with Helm Chart

  • Self-managed Kubernetes deployment
  • Full control over infrastructure
  • Requires:
    • Kubernetes cluster
    • Helm 3.x installed
    • Container registry access

Click Next after selecting your deployment method.

Step 10: Review and Deploy

Review your MCP server configuration:

  • MCP Server Name: Your chosen name
  • Base URL: https://{instance}.service-now.com
  • Selected Endpoints: Number of endpoints selected
  • Authentication: OAuth 2.0 (Configured)
  • API Protection: Enabled/Disabled
  • Deployment: Cequence Cloud or Helm

Click Create & Deploy to finalize the setup.

Step 11: Post-Deployment Setup

After successful deployment:

  1. Note the MCP Server URL provided

  2. Test the OAuth flow:

    • Click "Test Connection"
    • You'll be redirected to ServiceNow login
    • Authenticate with your credentials
    • Approve the OAuth request
    • Confirm successful connection

  3. Configure AI Agents:

    • The MCP server is now available for AI agent connections
    • Use the provided server URL in your AI agent configuration

Using Your ServiceNow MCP Server

With Claude Desktop

  1. Open Claude Desktop settings

  2. Add your MCP server:

    {
      "servers": {
        "servicenow": {
          "url": "your-mcp-server-url",
          "auth": {
            "type": "oauth2",
            "client_id": "your-client-id"
          }
        }
      }
    }

  3. Start using natural language commands:

    • "Show me all P1 incidents from the last 24 hours"
    • "Create a change request for the database upgrade"
    • "Find all servers in the web tier"
    • "Generate a report of SLA breaches this week"
    • "Assign all network incidents to the network team"

API Integration Example

// Initialize MCP client
const mcpClient = new MCPClient({
  serverUrl: 'your-mcp-server-url',
  auth: {
    type: 'oauth2',
    token: 'user-access-token'
  }
});

// Query incidents
const incidents = await mcpClient.servicenow.table('incident').get({
  sysparm_query: 'priority=1^state!=7',
  sysparm_fields: 'number,short_description,assigned_to,priority',
  sysparm_limit: 10
});

// Create an incident
const newIncident = await mcpClient.servicenow.table('incident').create({
  short_description: 'Email service unavailable',
  description: 'Users unable to access email since 9 AM',
  priority: '2',
  category: 'Email',
  assignment_group: 'Service Desk'
});

// Update a change request
await mcpClient.servicenow.table('change_request').update({
  sys_id: 'change-sys-id',
  state: 'Scheduled',
  work_notes: 'All pre-implementation tasks completed'
});

// Execute a workflow
await mcpClient.servicenow.workflow.execute({
  workflow_id: 'emergency_change_workflow',
  inputs: {
    short_description: 'Emergency security patch',
    risk_assessment: 'Low'
  }
});

Common Use Cases

IT Service Management

  • Incident triage and routing
  • Problem management workflows
  • Change advisory board automation
  • Service catalog fulfillment
  • SLA monitoring and escalation

IT Operations

  • Event correlation and alerting
  • Discovery data processing
  • Orchestration workflows
  • Capacity management
  • Performance analytics

HR Service Delivery

  • Employee onboarding automation
  • Case management
  • Knowledge article creation
  • Service portal enhancement
  • Employee self-service

Customer Service

  • Case routing and prioritization
  • Customer communication
  • Service entitlement verification
  • Knowledge base integration
  • Customer satisfaction tracking

Security Best Practices

  1. OAuth Security:

    • Use instance-specific credentials
    • Implement token rotation
    • Restrict OAuth app access
    • Monitor authentication logs

  2. API Access Control:

    • Use ACLs on tables
    • Implement field-level security
    • Restrict data access by role
    • Audit API usage

  3. Rate Limiting:

    • Monitor transaction quotas
    • Implement request throttling
    • Use batch operations
    • Cache frequently accessed data

  4. Data Protection:

    • Encrypt sensitive data
    • Implement data masking
    • Follow retention policies
    • Audit data access

Troubleshooting

Common Issues

  1. 401 Unauthorized

    • Verify OAuth credentials
    • Check instance URL
    • Ensure user has API access
    • Validate token expiration

  2. 403 Forbidden

    • Check table-level ACLs
    • Verify user roles
    • Ensure proper scope access
    • Check field-level permissions

  3. 429 Rate Limit

    • Check transaction quota
    • Implement request batching
    • Use REST API Explorer
    • Contact ServiceNow admin

  4. 400 Bad Request

    • Validate field requirements
    • Check data types
    • Verify business rules
    • Review mandatory fields

Getting Help