Securing web services
As explored in Chapter 7, Exchanging Data - Import Sets, Web Services, and Other Integrations, the web services hosted by ServiceNow use basic authentication as the primary means for proving identity. A username and password should be used by the remote system when it connects to the instance. This is commonly referred to as a system account.
Note
Basic authentication is HTTP-level authentication. The calling system must provide a Base64-encoded value of username:password to the authorization header. The connection is refused if this is not present, making it fast and efficient. In addition, since headers are protected by HTTPS, malicious users cannot intercept this in transit.
When creating a user account for use in web services, ...
Get Mastering ServiceNow - Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
