ServiceNow Workflow
A unified portal for governed, self-service request management services leveraging Keeper security services via ServiceNow.
Overview
The ServiceNow Workflow app empowers administrators and security teams to seamlessly manage Keeper Vault operations directly within the ServiceNow platform. This integration leverages the capabilities of the Keeper Commander CLI, enabling automation and secure password management as part of ServiceNow’s IntegrationHub and Flow Designer workflows with a service catalog portal.
This integration is available from the ServiceNow catalog at the URL below:
https://store.servicenow.com/store/app/4b6de27987ebfe14e95f40c5cebb35d9
Features
Endpoint Privilege Manager Approvals
Approve or Deny EPM Requests
Automated SIR incident flow for EPM Approval Request.
Request Access To Record or Folder
Request Access To Folder
Request Access to Record
Request One Time Share
Grant or revoke user access to record(s) or folder(s) given that record or folder path or UID.
Store Records To Keeper Vault
Add Database Credentials
Add Login Record
Add Server Credentials
Add SSH Key
Add Software License
Add Secure Note
Add Memberships
Securely store your credentials in keeper vault.
Search
Search Record
Search Folder
Search for a given record or folder.
Example Use Cases
Request access to a record
Requestor raises a request ticket to access a record stored in a company Keeper vault.
App admin approves the request
Fulfillment groups manages the task and share a requested record via service-now dedicated app
Result: Record is successfully shared to ServiceNow user.
Endpoint Privilege Management
An request is raised form endpoint device.
ServiceNow security incident will be created for that request.
ServiceNow app admin approves / deny the request.
Security incident ticket will be marked closed with appropriate comments.
Prerequisites
Mid server configuration in ServiceNow.
Commander CLI installed in mid server.
ServiceNow Keeper Security ITSM app (Optional - For EPM Approval)
Roles Required In ServiceNow
App admin user roles and accessibilities
Guided Setup
x_keese_ks_inthub.ks_admin
Keeper Sevice Portal
x_keese_ks_inthub.ks_admincatalog-adminmid_server
Service Catalog Requests
Service Catalog Task
x_keese_ks_inthub.ks_admincatalog-adminitilmid_server
My Approvals
x_keese_ks_inthub.ks_admin
Approver user roles
My Approvals
x_keese_ks_inthub.approver
Requestor user roles
Keeper Service Portal
x_keese_ks_inthub.ks_appitilmid_server
Support user roles
Application Log
Support Page
App Privacy Policy
workflow_adminx_keese_ks_inthub.support_user
Download And Install Application
Users who have the System Administrator (admin) role are authorised to install applications from the ServiceNow Store.
Go the ServiceNow Store Listing
Click Get.
Once the app is added successfully to the ServiceNow instance navigate to All > System Applications > All Available Applications > All
Click install
Configuration Instructions
MID Server Configurations
To configure Keeper Security Workflow app for ServiceNow, the admin needs a MID server configured and validated in ServiceNow.
Mid server is an agent in ServiceNow where Keeper commander CLI and service mode will be hosted.
To configure MID Server follow below steps
Log in to the ServiceNow instance using your Administrator privileges.
Navigate to the All tab > Search for keeper security Workflow> Guided Setup > MID Server
Please follow the ServiceNow guidelines here for any MID server installation troubleshooting.
Keeper Security Workflow Configurations
Once, MID server is configured and validated, perform below steps to configure the application.
Log in to the ServiceNow instance using your Administrator privileges.
Navigate to the All tab > Search for Keeper Security Workflow> Guided Setup
Click on Install Keeper Commander CLI, click on Configure, and follow the steps to install Keeper Commander CLI on the MID Server.
Move on to the next step Configure Keeper Service Mode On MID Server, click on configure and follow the steps to configure and start Service Mode on the MID server.
Below is an sample configuration
Approval Group
Once service mode is up and running in the MID server, head over to the guided setup to configure approval groups.
Approval group members will get the requests for approval for each request raised by requestor.
Now, go to the final step of the guided setup Configure Keeper ServiceMode Credentials, click on Configure.
Click on New, and Configure the details of service mode running in mid server.
Requesting Services
A requestor can request a service by following below steps
Navigate to All > Keeper Security Workflow > Keeper Service Portal
In service portal page click on Request something
Click on the desired category and select an service to request for.
Fill the form related to the item, and click on Request.
A request ticket will be assigned to the requestor with the details as seen below.
Approving Requests
On the app admin side, the app admin can view requests, approve or deny requests, and perform tasks as required.
To view and approve / deny requests app admin or approver can navigate to All > Keeper Security Workflow > My Approvals
Approver can approve or deny the request by clicking respective buttons
Task Fulfilment
If a task requires additional information or some fulfillment work from the app admin (such as fetching correct records to share or changing user requests permissions), it can achieved by the task section.
Navigate to All > Keeper Security Workflow > Service Catalog Task
Under task section, app admin can search for a record to share, folder to share or can create a new record in keeper vault directly from ServiceNow.
Under task, the app admin can search for a record
Once a task is completed, The desired record is shared to the requested user, with the message received from Commander service mode.
Endpoint Privilege Manager
Endpoint privilege management approval cycle depends upon the ServiceNow Keeper Security ITSM app.
The admin needs to turn on the alerts for Endpoint Privilege Manager in Keeper Admin Console to be able to use this feature.
1. When a EPM request is raise, You will see the request under Keeper Security Workflow > My Approvals
A request will be created with reference to the security incident ticket.
App admin can approve or deny the request, Once the approval process is done, The security incident ticket will be marked closed with proper comments.
Troubleshooting
Service Mode Configuration Error
If below error occurs in case of configuring service mode with MID server, please follow below troubleshooting steps
Check the service mode host or API Key
Check if the correct MID server is configured while submitting the configuration form.
Approval Request Not Showing In My Approvals Section
Ensure that the correct Approval Group is configured when setting up Service Mode in ServiceNow.
Verify whether the application administrator is a member of the approval group configured in the form.
Records / Folder Search is showing Unexpected error occured
Ensure that MID server status is UP. If the status is Down, restart MID Server
Ensure MID server is validated.
Ensure that Service Mode is running inside correct MID Server and listening to the ports configured.
EPM Requests Not Showing In My Approvals Section
Check if Endpoint Privilege Manager Alerts has been activated in Alerts section of the Keeper Admin Console.
Check if the Keeper Security ITSM app is installed and activated.
Check if the Keeper Security ITSM app is configured correctly.
Application Logs
You can always visit Application Log section for more information about the application logs.
Last updated
Was this helpful?