> ## Documentation Index
> Fetch the complete documentation index at: https://docs.stackone.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Connect ServiceNow with Basic Auth – StackOne Hub

> Link a ServiceNow account in the StackOne Hub using Basic Auth. End-user guide to authorize the integration and start using ServiceNow actions.

<Warning>You will need a ServiceNow account with appropriate permissions to access the Table API (such as admin or itil roles). Basic Auth must be enabled in two places: (1) a REST API Access Policy covering the Table API, and (2) the BasicAuth inbound authentication profile must be active.</Warning>

<section data-guide-section data-guide-scopes="">
  <h2>Step 1 — Configure the REST API Access Policy</h2>

  <p>ServiceNow gates access to the Table API behind REST API Access Policies. You need a policy covering the Table API that allows Basic Authentication.</p>

  <Steps>
    <Step title="Open REST API Access Policies">
      <div data-guide-step data-guide-scopes="" data-guide-display-scopes-list="">
        <p>Find the policies that gate access to the Table API.</p>

        <ul>
          <li>Sign in to your ServiceNow instance at `https://[your-instance].service-now.com`</li>
          <li>In the left navigation filter, type `api access` (or navigate to <strong>System Web Services</strong> > <strong>API Access Policies</strong> > <strong>REST API Access Policies</strong>)</li>
          <li>Click <strong>REST API Access Policies</strong> to open the list of existing policies</li>
        </ul>
      </div>
    </Step>

    <Step title="Identify Existing Table API Policies">
      <div data-guide-step data-guide-scopes="" data-guide-display-scopes-list="">
        <p>Recent ServiceNow releases (Washington D.C. and later, including Australia) ship with method-specific policies instead of a single "Basic Auth" policy.</p>

        <ul>
          <li><strong>Newer releases (Washington D.C.+)</strong>: look for <strong>Table GET API Access Policy</strong> and <strong>Table POST API Access Policy</strong> — pre-installed and Active=true by default</li>
          <li><strong>Older releases</strong>: look for a single policy named <strong>Basic Auth</strong> (REST API = Table API, REST API PATH = `now/table`)</li>
          <li>If either layout is present and Active, you can skip to Step 2 below</li>
          <li>If you previously created a custom wildcard policy (e.g., for API Key auth) and removed the pre-shipped policies, ensure that policy has <strong>Advertise all auth schemes</strong> ticked or includes a Basic Auth inbound profile — otherwise Basic Auth will return HTTP 401</li>
        </ul>
      </div>
    </Step>

    <Step title="Option A — Use the Pre-shipped Policies (Default)">
      <div data-guide-step data-guide-scopes="" data-guide-display-scopes-list="">
        <p>Simplest path — keep the policies ServiceNow ships and just verify they are active.</p>

        <ul>
          <li>Open <strong>Table GET API Access Policy</strong> — confirm <strong>Active</strong> is checked, then <strong>Update</strong> if you changed anything</li>
          <li>Open <strong>Table POST API Access Policy</strong> — confirm <strong>Active</strong> is checked</li>
          <li>If Table POST shows <strong>Apply to all methods/resources/versions = false</strong>, verify the Resource pattern is `/now/table/{tableName}` and the table list covers the tables you plan to write to (incident, problem, change\_request, etc.)</li>
          <li>These pre-shipped policies allow Basic Auth by default — no profile attachment is required because the platform applies the BasicAuth profile automatically once it is active (see Step 2)</li>
        </ul>
      </div>
    </Step>

    <Step title="Option B — Create a New Policy if None Exist">
      <div data-guide-step data-guide-scopes="" data-guide-display-scopes-list="">
        <p>If the pre-shipped policies are missing (or you deleted them in favour of a single broad policy), create one yourself.</p>

        <ul>
          <li>From the REST API Access Policies list, click <strong>New</strong></li>
          <li><strong>Name</strong>: `StackOne Connector Policy` (or similar)</li>
          <li><strong>Active</strong>: ✓</li>
          <li><strong>REST API</strong>: select <strong>Table API</strong> (REST API PATH auto-fills to `now/table`)</li>
          <li><strong>Apply to all methods</strong>: ✓</li>
          <li><strong>Apply to all resources</strong>: ✓</li>
          <li><strong>Apply to all versions</strong>: ✓</li>
          <li><strong>Apply to all tables</strong>: ✓</li>
          <li><strong>Advertise all auth schemes</strong>: ✓ — this allows Basic Auth alongside any explicit profiles. Skip this only if you want to restrict to specific profiles</li>
          <li>Under <strong>Inbound authentication profiles</strong>, click <strong>Insert a new row\...</strong> and add a Basic Auth profile if one exists in the dropdown (e.g., <strong>BasicAuth for none public processors</strong>). If only API Key profiles appear, leave this empty — Advertise all auth schemes will cover Basic Auth</li>
          <li>Click <strong>Submit</strong></li>
        </ul>
      </div>
    </Step>

    <Step title="(Optional) Add a Resource-by-ID Policy">
      <div data-guide-step data-guide-scopes="" data-guide-display-scopes-list="">
        <p>Only needed if GET-by-ID requests (e.g. `/now/table/incident/{sys_id}`) start returning 401 even after the above policies are active. Most newer releases do not require this.</p>

        <ul>
          <li>If you see a policy named <strong>REST API resource by id</strong> (or similar), open it and set <strong>Active</strong> = true</li>
          <li>If not present and you hit 401s on GET-by-ID, click <strong>New</strong> with: REST API = Table API, REST API PATH = `now/table`, Resource = `/now/table/{tableName}/{sys_id}`, Apply to all methods/tables/versions = true, attach a Basic Auth inbound profile, then <strong>Submit</strong></li>
        </ul>
      </div>
    </Step>
  </Steps>
</section>

<section data-guide-section data-guide-scopes="">
  <h2>Step 2 — Activate the BasicAuth Inbound Authentication Profile</h2>

  <p>ServiceNow ships with a built-in inbound authentication profile named <strong>BasicAuth for none public processors</strong> that handles Basic Auth across all non-public REST endpoints. On many releases — including Australia PDIs — this profile is <strong>inactive by default</strong>. If it stays inactive, every Basic Auth request returns `HTTP 401 - User is not authenticated`, even with valid credentials and a permissive Access Policy.</p>

  <Steps>
    <Step title="Open Inbound Authentication Profiles">
      <div data-guide-step data-guide-scopes="" data-guide-display-scopes-list="">
        <p>Find the list of inbound auth profiles on the instance.</p>

        <ul>
          <li>In the left navigation filter, type `inbound auth`</li>
          <li>Click <strong>System Web Services > API Access Policies > Inbound Authentication Profile</strong></li>
        </ul>
      </div>
    </Step>

    <Step title="Activate BasicAuth (if it exists)">
      <div data-guide-step data-guide-scopes="" data-guide-display-scopes-list="">
        <p>Most instances already have the profile — just toggle it on.</p>

        <ul>
          <li>Look for a row named <strong>BasicAuth for none public processors</strong> (description "BasicAuth for all none public processors", `Apply to all none public processors = true`)</li>
          <li>Open the record — if <strong>Active = false</strong>, tick <strong>Active</strong> ✓ and click <strong>Update</strong></li>
          <li>Because `Apply to all none public processors = true`, no further wiring is required — Basic Auth will work for any access policy that doesn't explicitly restrict the auth profile list</li>
        </ul>
      </div>
    </Step>

    <Step title="Create the Profile (only if missing)">
      <div data-guide-step data-guide-scopes="" data-guide-display-scopes-list="">
        <p>On some hardened instances the BasicAuth profile may have been removed. Recreate it.</p>

        <ul>
          <li>From the Inbound Authentication Profile list, click <strong>New</strong></li>
          <li>Pick the <strong>Basic Auth</strong> profile type if the form asks for a class</li>
          <li><strong>Name</strong>: `BasicAuth for none public processors`</li>
          <li><strong>Active</strong>: ✓</li>
          <li><strong>Apply to all none public processors</strong>: ✓</li>
          <li><strong>Description</strong>: `BasicAuth for all none public processors`</li>
          <li>Click <strong>Submit</strong></li>
        </ul>
      </div>
    </Step>
  </Steps>
</section>

<section data-guide-section data-guide-scopes="">
  <h2>Get Your ServiceNow Instance Name</h2>

  <p>Your ServiceNow instance name is the subdomain in your ServiceNow URL.</p>

  <Steps>
    <Step title="Identify Instance Name">
      <div data-guide-step data-guide-scopes="" data-guide-display-scopes-list="">
        <p>Find your ServiceNow instance name from your login URL.</p>

        <ul>
          <li>Sign in to your <a href="https://www.servicenow.com/" target="_blank" rel="noopener noreferrer">ServiceNow instance</a></li>
          <li>Note your instance URL format (e.g., `https://dev12345.service-now.com`)</li>
          <li>Your instance name is the subdomain before `.service-now.com` (e.g., `dev12345`)</li>
          <li>For Personal Developer Instances, the name typically follows the pattern `dev#####`</li>
        </ul>
      </div>
    </Step>
  </Steps>
</section>

<section data-guide-section data-guide-scopes="">
  <h2>Get Your Username and Password</h2>

  <p>Use your existing ServiceNow account credentials.</p>

  <Steps>
    <Step title="Locate Your Credentials">
      <div data-guide-step data-guide-scopes="" data-guide-display-scopes-list="">
        <p>Use the same username and password you use to sign in to ServiceNow.</p>

        <ul>
          <li><strong>Username</strong>: Your ServiceNow account username (e.g., admin or your assigned username)</li>
          <li><strong>Password</strong>: Your ServiceNow account password</li>
          <li>Ensure your account has necessary roles by navigating to User Administration > Users, search for your username, and check the Roles tab</li>
          <li>Required roles: admin, itil, or rest\_api\_explorer for Table API access</li>
        </ul>
      </div>
    </Step>
  </Steps>
</section>

<div data-whitelabel-hide>
  <h2>Linking the Account from the Hub</h2>

  <Steps>
    <Step title="Navigate to the Hub">
      Use one of the three <a href="/guides/accounts-section#linking-accounts">Linking Account Methods</a> to access the Hub.
    </Step>

    <Step title="Fill out the fields">
      Fill out the following fields using details from your provider:

      <ul>
        <li><strong>Instance Name</strong></li>
        <li><strong>Username</strong></li>
        <li><strong>Password</strong></li>
      </ul>
    </Step>

    <Step title="Connect">
      <ul>
        <li>Click <strong>Connect</strong></li>
        <li>If applicable, the provider will redirect you to a sign-in or authorization page. Complete the provider's authorization flow.</li>
        <li>Once authorization is successful, you will see a confirmation popup</li>
      </ul>
    </Step>
  </Steps>

  <p>If the account linking is successful, you will see the newly linked account in your <a href="/guides/accounts-section">Accounts</a> page.</p>
</div>

## Next Steps

<Columns cols={2}>
  <Card title="Webhooks setup" href="/connectors/servicenow/guides/webhook-setup">
    <p className="connector-page-auth-description" style={{ fontSize: '14px', marginTop: 0, marginBottom: 0 }}>
      Configure receiving Events for ServiceNow into StackOne.
    </p>
  </Card>
</Columns>
