Skip to main content

ServiceNow ITOM MCP Server

Create a powerful Model Context Protocol (MCP) server for ServiceNow IT Operations Management in minutes with our AI Gateway. This guide walks you through setting up seamless IT operations integration with enterprise-grade security and instant OAuth authentication.

About ServiceNow ITOM API

ServiceNow ITOM provides comprehensive visibility into your IT infrastructure, enabling proactive event management, service mapping, and operational intelligence. The API enables programmatic access to discovery, monitoring, event processing, and service analytics.

Key Capabilities

  • Event Management: Collect and correlate events
  • Service Mapping: Discover service dependencies
  • Discovery: Automated infrastructure discovery
  • Operational Intelligence: AI-powered insights
  • Cloud Management: Multi-cloud visibility
  • Orchestration: Automated remediation
  • Health Monitoring: Service health tracking
  • Capacity Planning: Resource optimization

API Features

  • REST API: Event and metric ingestion
  • Discovery API: Infrastructure scanning
  • Service Mapping API: Dependency tracking
  • OAuth 2.0: Secure authentication
  • Metric API: Performance data
  • Orchestration API: Workflow automation
  • MID Server API: Distributed operations
  • Integration Hub: Third-party connectors

What You Can Do with ServiceNow ITOM MCP Server

The MCP server transforms ServiceNow ITOM's API into a natural language interface, enabling AI agents to:

Event Management

  • Event Processing

    • "Process incoming monitoring alerts"
    • "Correlate related events"
    • "Create incident from critical event"
    • "Suppress duplicate alerts"

  • Alert Rules

    • "Configure alert correlation rules"
    • "Set event thresholds"
    • "Define notification policies"
    • "Create alert filters"

  • Event Analytics

    • "Show event storm analysis"
    • "Identify noisy alerts"
    • "Track event patterns"
    • "Analyze root causes"

Service Mapping

  • Service Discovery

    • "Map application dependencies"
    • "Discover service topology"
    • "Identify service components"
    • "Track service relationships"

  • Dependency Tracking

    • "Show services affected by server"
    • "Map database dependencies"
    • "Trace network connections"
    • "Identify single points of failure"

  • Impact Analysis

    • "Analyze change impact"
    • "Show affected business services"
    • "Calculate service availability"
    • "Predict outage impact"

Discovery

  • Infrastructure Discovery

    • "Scan network for devices"
    • "Discover cloud resources"
    • "Identify software installations"
    • "Map virtualization infrastructure"

  • Credential Management

    • "Configure discovery credentials"
    • "Test credential access"
    • "Rotate passwords securely"
    • "Manage SSH keys"

  • Discovery Schedules

    • "Schedule weekly discovery"
    • "Run on-demand discovery"
    • "Configure discovery patterns"
    • "Set discovery windows"

Cloud Management

  • Multi-Cloud Visibility

    • "Discover AWS resources"
    • "Map Azure infrastructure"
    • "Track GCP services"
    • "Monitor hybrid cloud"

  • Cloud Governance

    • "Track cloud spending"
    • "Identify unused resources"
    • "Monitor compliance"
    • "Optimize cloud costs"

  • Cloud Orchestration

    • "Provision cloud resources"
    • "Automate scaling"
    • "Manage cloud tags"
    • "Execute cloud workflows"

Operational Intelligence

  • Anomaly Detection

    • "Identify performance anomalies"
    • "Detect unusual patterns"
    • "Predict failures"
    • "Alert on deviations"

  • Predictive Analytics

    • "Forecast capacity needs"
    • "Predict service degradation"
    • "Estimate MTTR"
    • "Calculate failure probability"

  • Health Scoring

    • "Calculate service health scores"
    • "Track health trends"
    • "Identify degrading services"
    • "Monitor SLA compliance"

Orchestration

  • Workflow Automation

    • "Create remediation workflow"
    • "Automate recovery procedures"
    • "Execute runbooks"
    • "Trigger failover processes"

  • Integration Actions

    • "Restart services remotely"
    • "Clear disk space"
    • "Update configurations"
    • "Scale resources"

  • Approval Workflows

    • "Request automated actions"
    • "Approve critical changes"
    • "Validate orchestration steps"
    • "Audit automation activities"

Performance Monitoring

  • Metric Collection

    • "Collect system metrics"
    • "Monitor application performance"
    • "Track network latency"
    • "Measure response times"

  • Threshold Management

    • "Set performance thresholds"
    • "Configure baseline alerts"
    • "Define SLA metrics"
    • "Create composite metrics"

  • Capacity Planning

    • "Analyze resource utilization"
    • "Predict capacity needs"
    • "Identify bottlenecks"
    • "Plan infrastructure growth"

Compliance & Reporting

  • Compliance Monitoring

    • "Track configuration compliance"
    • "Monitor security patches"
    • "Verify license compliance"
    • "Audit access controls"

  • Operational Reports

    • "Generate availability reports"
    • "Create performance dashboards"
    • "Track SLA metrics"
    • "Export executive summaries"

  • Audit Trail

    • "Track configuration changes"
    • "Monitor discovery activities"
    • "Log orchestration actions"
    • "Record event processing"

Prerequisites

  • Access to Cequence AI Gateway
  • ServiceNow instance with ITOM modules
  • Admin role in ServiceNow
  • MID Server configured (for Discovery)

Step 1: Configure ServiceNow OAuth

1.1 Create OAuth Application

  1. Log in to your ServiceNow instance
  2. Under All tab, search for Inbound Integration
  3. Click New Integration
  4. Select OAuth - Authorization Code grant

1.2 Configure OAuth Settings

Fill in the Details form with the following:

  1. Name: "AI Gateway ITOM MCP" (or your preferred name)
  2. Redirect URLs: 
    https://auth.aigateway.cequence.ai/v1/outbound/oauth/callback
  3. Client ID: Auto-generated (copy this value)
  4. Client Secret: Auto-generated (copy this value)
  5. Access Token Lifespan: Set custom value or keep default
  6. Refresh Token Lifespan: Set custom value or keep default
  7. Active: Check this box
  8. Click Submit to create the application

1.3 Configure ITOM-Specific Settings

  1. Enable ITOM application scopes
  2. Configure Event Management access
  3. Set Discovery permissions
  4. Enable Service Mapping APIs

1.4 Configure MID Server

  1. Install MID Server if needed
  2. Configure discovery credentials
  3. Set up network access
  4. Test connectivity

Step 2-4: Standard Setup

Follow standard steps to access AI Gateway, find ServiceNow ITOM API, and create MCP server.

Step 5: Configure API Endpoints

  1. Base URL: https://{instance}.service-now.com/api
  2. Select ITOM endpoints:
    • Event Management endpoints
    • Discovery endpoints
    • Service Mapping endpoints
    • Orchestration endpoints
  3. Click Next

Step 6: MCP Server Configuration

  1. Name: "ServiceNow ITOM"
  2. Description: "IT Operations Management platform"
  3. Configure production mode
  4. Click Next

Step 7: Configure Authentication

  1. Authentication Type: OAuth 2.0
  2. Instance Name: Your ServiceNow instance
  3. Grant Type: Authorization Code
  4. Authorization URL: 
    https://{instance}.service-now.com/oauth_auth.do
  5. Token URL: 
    https://{instance}.service-now.com/oauth_token.do
  6. Enter Client ID and Secret
  7. Scopes: Use default scope (see next section)

Available ServiceNow OAuth Scopes

ServiceNow provides a default OAuth scope for API access:

  • useraccount
    • Access to user account information
    • API operations and table access
    • Standard authentication scope

This is the predefined scope provided by ServiceNow for OAuth integrations.

Step 8-10: Complete Setup

Configure security, choose deployment, and deploy.

Using Your ServiceNow ITOM MCP Server

Setup Instructions:

Natural Language Commands

  • "Show all critical events from last hour"
  • "Map dependencies for payment service"
  • "Run discovery on production subnet"
  • "Analyze event storm for web servers"
  • "Predict capacity needs for next quarter"

Common Use Cases

Event Management

  • Alert correlation and suppression
  • Automated incident creation
  • Event storm detection
  • Root cause analysis

Service Visibility

  • Application dependency mapping
  • Business service modeling
  • Impact analysis
  • Service health tracking

Infrastructure Discovery

  • Automated CMDB population
  • Cloud resource discovery
  • Network topology mapping
  • Software inventory

Operational Automation

  • Auto-remediation workflows
  • Predictive maintenance
  • Capacity optimization
  • Performance tuning

Security Best Practices

  1. OAuth Security:

    • Use minimal required scopes
    • Implement token rotation
    • Monitor API usage
    • Set IP restrictions

  2. Discovery Security:

    • Secure credential storage
    • Use least privilege
    • Audit discovery runs
    • Network segmentation

  3. Event Security:

    • Validate event sources
    • Encrypt sensitive data
    • Monitor anomalies
    • Access control

Troubleshooting

Common Issues

  1. Authentication Errors

    • Verify OAuth configuration
    • Check instance URL
    • Validate credentials
    • Review scope permissions

  2. Discovery Issues

    • Check MID Server status
    • Verify network connectivity
    • Validate credentials
    • Review discovery logs

  3. Event Processing

    • Check event rules
    • Verify source integration
    • Review transformation maps
    • Monitor event queue

Getting Help