ServiceNow ITSM MCP Server

Create a powerful Model Context Protocol (MCP) server for ServiceNow IT Service Management in minutes with our AI Gateway. This guide walks you through setting up seamless IT operations integration with enterprise-grade security and instant OAuth authentication.

About ServiceNow ITSM API

ServiceNow ITSM provides comprehensive IT service management capabilities aligned with ITIL best practices. The API enables programmatic access to incidents, problems, changes, service requests, and configuration management across your IT infrastructure.

Key Capabilities

• Incident Management: Create, update, resolve incidents
• Problem Management: Root cause analysis and tracking
• Change Management: Change requests and approvals
• Service Request Management: Service catalog requests
• Configuration Management: CMDB operations
• Knowledge Management: Knowledge base articles
• Service Level Management: SLA tracking
• Asset Management: Hardware and software assets

API Features

• REST API: Table API and Scripted REST
• GraphQL API: Flexible data queries
• Batch API: Bulk operations
• OAuth 2.0: Enterprise authentication
• Webhooks: Real-time notifications
• Import Sets: Data transformation
• Attachment API: File handling
• Aggregate API: Analytics queries

What You Can Do with ServiceNow ITSM MCP Server

The MCP server transforms ServiceNow ITSM's API into a natural language interface, enabling AI agents to:

Incident Management

• Incident Operations

  • "Create P1 incident for server outage"
  • "Update incident with resolution details"
  • "Escalate unresolved critical incidents"
  • "Close resolved incidents from yesterday"

• Incident Assignment

  • "Assign incident to network team"
  • "Route to specialist based on category"
  • "Reassign stale incidents"
  • "Balance workload across team"

• Incident Search

  • "Show all open P1 incidents"
  • "Find incidents affecting Finance"
  • "List incidents breaching SLA"
  • "Search by configuration item"

Problem Management

• Problem Records

  • "Create problem from recurring incidents"
  • "Link incidents to existing problem"
  • "Update root cause analysis"
  • "Create known error record"

• Problem Investigation

  • "Show problems without workaround"
  • "Find problems by affected service"
  • "List problems pending RCA"
  • "Track problem tasks progress"

• Knowledge Integration

  • "Create knowledge article from problem"
  • "Link workaround to problem"
  • "Publish permanent fix"
  • "Update affected incidents"

Change Management

• Change Requests

  • "Create standard change for patching"
  • "Submit emergency change request"
  • "Schedule change for maintenance window"
  • "Clone previous successful change"

• Change Approval

  • "Route change to CAB"
  • "Get approval from stakeholders"
  • "Check for conflicts"
  • "Validate change impact"

• Change Implementation

  • "Update implementation status"
  • "Record actual start/end times"
  • "Document back-out plan"
  • "Complete post-implementation review"

Service Request Management

• Request Fulfillment

  • "Create software installation request"
  • "Order new hardware"
  • "Request access permissions"
  • "Submit facilities request"

• Service Catalog

  • "Browse available services"
  • "Check request requirements"
  • "View service pricing"
  • "Track delivery times"

• Request Tracking

  • "Show my pending requests"
  • "Check approval status"
  • "Update fulfillment progress"
  • "Notify requestor of delays"

Configuration Management

• CMDB Operations

  • "Add new server to CMDB"
  • "Update CI relationships"
  • "Set CI operational status"
  • "Track CI lifecycle"

• Discovery Integration

  • "Import discovered assets"
  • "Reconcile CI data"
  • "Identify orphaned CIs"
  • "Update CI attributes"

• Impact Analysis

  • "Show services affected by server"
  • "List dependent configurations"
  • "Analyze change impact"
  • "Map service dependencies"

Service Level Management

• SLA Tracking

  • "Show SLA compliance for incidents"
  • "List breached SLAs today"
  • "Calculate MTTR by priority"
  • "Monitor response times"

• SLA Configuration

  • "Create new SLA definition"
  • "Set escalation rules"
  • "Define business hours"
  • "Configure pause conditions"

• Performance Reporting

  • "Generate monthly SLA report"
  • "Show team performance metrics"
  • "Track improvement trends"
  • "Compare against targets"

Knowledge Management

• Article Creation

  • "Create KB article from incident"
  • "Document troubleshooting steps"
  • "Add solution workaround"
  • "Publish how-to guide"

• Knowledge Search

  • "Find articles for error message"
  • "Search solutions by symptom"
  • "Show most used articles"
  • "List outdated content"

• Knowledge Maintenance

  • "Review article accuracy"
  • "Update outdated procedures"
  • "Retire obsolete articles"
  • "Track article effectiveness"

Asset Management

• Asset Tracking

  • "Record new asset purchase"
  • "Update asset assignment"
  • "Track warranty expiration"
  • "Manage software licenses"

• Asset Lifecycle

  • "Schedule asset refresh"
  • "Mark assets for disposal"
  • "Track depreciation"
  • "Monitor lease expiration"

• Asset Reporting

  • "Show assets by department"
  • "List end-of-life hardware"
  • "Calculate total asset value"
  • "Track license compliance"

Prerequisites

• Access to Cequence AI Gateway
• ServiceNow instance with ITSM module
• Admin role in ServiceNow
• OAuth application registration

Step 1: Configure ServiceNow OAuth

1.1 Create OAuth Application

1. Log in to your ServiceNow instance
2. Navigate to System OAuth Application Registry
3. Click New Create an OAuth API endpoint

1.2 Configure OAuth Settings

1. Fill in application details:

   • Name: "AI Gateway ITSM MCP"
   • Client ID: Auto-generated
   • Client Secret: Click to generate

2. Set OAuth parameters:

   • Redirect URL:

     https://auth.aigateway.cequence.ai/v1/outbound/oauth/callback

   • Access Token Lifespan: 3600
   • Refresh Token Lifespan: 86400

1.3 Configure Scopes

1. Go to OAuth Entity Scopes
2. Add required scopes:
   • useraccount - User authentication
   • tablename - Table access as needed
   • Custom scopes for ITSM module

1.4 Set Permissions

1. Configure table ACLs
2. Grant API access roles
3. Set field-level permissions

Step 2-4: Standard Setup

Follow standard steps to access AI Gateway, find ServiceNow ITSM API, and create MCP server.

Step 5: Configure API Endpoints

1. Base URL: https://{instance}.service-now.com/api
2. Select ITSM endpoints:
   • Incident endpoints
   • Problem endpoints
   • Change endpoints
   • CMDB endpoints
3. Click Next

Step 6: MCP Server Configuration

1. Name: "ServiceNow ITSM"
2. Description: "IT Service Management platform"
3. Configure production mode
4. Click Next

Step 7: Configure Authentication

1. Authentication Type: OAuth 2.0
2. Instance Name: Your ServiceNow instance
3. Authorization URL:

   https://{instance}.service-now.com/oauth/authorize

4. Token URL:

   https://{instance}.service-now.com/oauth_token.do

5. Enter Client ID and Secret
6. Select required scopes

Available ServiceNow ITSM OAuth Scopes

Core ITSM Scopes

• itsm:read

  • Read incidents, problems, changes
  • View service requests
  • Access CMDB data
  • Read knowledge articles

• itsm:write

  • Create and update records
  • Submit approvals
  • Modify CI relationships
  • Publish knowledge

• itsm:admin

  • Configure workflows
  • Manage SLAs
  • Set up integrations
  • Administrative tasks

Table-Specific Scopes

• Incident Management

  • incident - Full incident access
  • incident_task - Incident tasks
  • incident_alert - Alert management

• Problem Management

  • problem - Problem records
  • problem_task - Problem tasks
  • known_error - Known errors

• Change Management

  • change_request - Change records
  • change_task - Change tasks
  • std_change_proposal - Standard changes

• Configuration Management

  • cmdb_ci - Configuration items
  • cmdb_rel_ci - CI relationships
  • cmdb_model - CI models

Recommended Scope Combinations

For Incident Management:

itsm:read
itsm:write
incident
incident_task
sys_user
sys_user_group

For Full ITSM:

itsm:read
itsm:write
itsm:admin
incident
problem
change_request
cmdb_ci
kb_knowledge

Step 8-10: Complete Setup

Configure security, choose deployment, and deploy.

Using Your ServiceNow ITSM MCP Server

With Claude Desktop

{
  "servers": {
    "servicenow-itsm": {
      "url": "your-mcp-server-url",
      "auth": {
        "type": "oauth2",
        "client_id": "your-client-id",
        "instance": "your-instance"
      }
    }
  }
}

Natural Language Commands

• "Create P1 incident for database outage"
• "Show all changes scheduled for this weekend"
• "Find knowledge articles about password reset"
• "List servers affected by recent problem"
• "Check SLA compliance for today's incidents"

API Integration Example

// Initialize MCP client
const mcpClient = new MCPClient({
  serverUrl: 'your-mcp-server-url',
  auth: {
    type: 'oauth2',
    token: 'access-token'
  }
});

// Create incident
const incident = await mcpClient.servicenow.incidents.create({
  short_description: 'Database connection timeout',
  description: 'Production database experiencing connection timeouts',
  priority: '1',
  impact: '1',
  urgency: '1',
  category: 'Database',
  subcategory: 'Performance',
  assignment_group: 'Database Team',
  caller_id: 'user@company.com',
  cmdb_ci: 'Oracle-DB-PROD-01'
});

// Create change request
const change = await mcpClient.servicenow.changes.create({
  type: 'Standard',
  short_description: 'Monthly security patching',
  description: 'Apply latest security patches to web servers',
  priority: '3',
  risk: 'Low',
  impact: '3',
  assignment_group: 'Server Team',
  start_date: '2025-02-15 02:00:00',
  end_date: '2025-02-15 06:00:00',
  implementation_plan: 'Standard patching procedure',
  backout_plan: 'Rollback patches if issues occur',
  test_plan: 'Verify services after patching'
});

// Search problems
const problems = await mcpClient.servicenow.problems.search({
  active: true,
  priority: ['1', '2'],
  assigned_to: 'empty',
  sysparm_fields: ['number', 'short_description', 'priority', 'state']
});

// Update CMDB
const ci = await mcpClient.servicenow.cmdb.updateCI({
  sys_id: 'ci-sys-id',
  operational_status: 'Operational',
  attributes: {
    cpu_count: '16',
    ram: '64',
    disk_space: '1000'
  },
  relationships: [
    {
      parent: 'parent-ci-sys-id',
      type: 'Hosted on::Hosts'
    }
  ]
});

// Create knowledge article
const article = await mcpClient.servicenow.knowledge.create({
  short_description: 'How to reset application password',
  text: '<h2>Password Reset Steps</h2><ol><li>Navigate to...</li></ol>',
  kb_knowledge_base: 'IT Knowledge Base',
  kb_category: 'Application Support',
  workflow_state: 'draft',
  valid_to: '2026-01-01'
});

// Check SLA
const slaStatus = await mcpClient.servicenow.sla.checkCompliance({
  table: 'incident',
  active: true,
  sla_definition: 'Priority 1 Resolution',
  breach_state: 'In Progress'
});

Common Use Cases

Incident Management

• Automated incident creation
• Smart routing and assignment
• SLA tracking and escalation
• Major incident coordination

Change Management

• Change advisory board automation
• Risk assessment
• Conflict detection
• Implementation tracking

Problem Management

• Root cause analysis
• Known error database
• Proactive problem detection
• Permanent fix tracking

Service Operations

• Service health monitoring
• Automation workflows
• Self-service portals
• Performance analytics

Security Best Practices

1. OAuth Security:

   • Use minimal required scopes
   • Implement token rotation
   • Monitor API usage
   • Set IP restrictions

2. Data Protection:

   • Encrypt sensitive data
   • Implement field-level security
   • Audit data access
   • Use secure attachments

3. Access Control:

   • Role-based permissions
   • Approval workflows
   • Change authorization
   • Segregation of duties

Troubleshooting

Common Issues

1. Authentication Errors

   • Verify OAuth configuration
   • Check instance URL
   • Validate credentials
   • Review scope permissions

2. API Errors

   • Check table access
   • Verify field names
   • Review ACL rules
   • Monitor rate limits

3. Data Issues

   • Validate required fields
   • Check data types
   • Review choice lists
   • Verify references

Getting Help

• Documentation: AI Gateway Docs
• Support: support@cequence.ai
• ServiceNow Docs: docs.servicenow.com
• Developer Portal: developer.servicenow.com

---