Connect to ServiceNow

Kindo supports two integration patterns with ServiceNow:

• OAuth 2.0 Client Credentials — Allows Kindo to authenticate with your ServiceNow instance and access its APIs (e.g., reading and creating incidents).
• Direct Webhook URL — Allows ServiceNow to send real-time event notifications (e.g., incident created, updated, resolved) to a Kindo agent via an outbound webhook.

You can use either or both depending on your use case.

---

OAuth 2.0 Client Credentials

Kindo supports integration with ServiceNow using OAuth 2.0 Client Credentials (CC) for secure authentication.

Important

This integration is only supported for ServiceNow instances on the Washington DC release or newer. Older versions of ServiceNow do not support the Client Credentials grant type for inbound OAuth, so this method will not work there. If your instance is on an older release, please contact Kindo support and we will work with you to provide an alternative authentication solution.

Prerequisites

You must have the System Administrator role. For certain steps, you will need to elevate your privileges to security_admin.

Step 1: Enable OAuth Client Credentials Grant Type

1. Log in to ServiceNow with your System Administrator account.

2. Elevate your role to security_admin.

3. Navigate to System Properties (https://<instance_id>.service-now.com/sys_properties_list.do).

4. Add a new property with the following values:

   Field	Value
   Name	glide.oauth.inbound.client.credential.grant_type.enabled
   Description	(Optional) Enable OAuth client-credentials grant type
   Type	true | false
   Value	true

5. Save the property.

Step 2: Register the OAuth Application

1. Go to Application Registry in ServiceNow.

2. Create a new OAuth application with the following settings:

   Field	Value
   Application	Global
   OAuth Application User	The Service Account user that Kindo will use for authentication
   Client ID	Auto-filled
   Client Secret	Auto-generated on save
   Scope Restriction	Broadly Scoped

3. Save the OAuth application configuration.

Next Steps

Once these steps are complete, your ServiceNow instance will be ready for integration with Kindo using OAuth 2.0 Client Credentials.

1. In Kindo, open the Command Center and, under Manage Your Integrations, connect to ServiceNow.
2. Enter the Client ID and Client Secret from Step 2.
3. Provide your ServiceNow instance URL (e.g., https://<instance_id>.service-now.com).
4. Click Connect to complete the integration.

If you need further assistance, please refer to ServiceNow’s documentation or contact your Kindo support representative.

---

Direct Webhook URL

ServiceNow can send real-time event notifications to a Kindo agent using a Direct Webhook URL. When an incident (or other record) is created or updated, ServiceNow sends a POST request with the record data to your agent’s webhook endpoint, triggering the agent automatically.

This is useful when you want a Kindo agent to react to ServiceNow events — for example, triaging new incidents, summarizing updates, or escalating based on priority.

Prerequisites

• A Kindo agent with a Direct Webhook URL trigger saved. See Creating Agents — Direct Webhook URL Triggers for setup instructions. Copy the generated webhook URL — you will need it in the steps below.
• System Administrator access to your ServiceNow instance.

Step 1: Create an Outbound REST Message

1. In ServiceNow, navigate to System Web Services > Outbound > REST Message.

2. Click New and fill in the following:

   Field	Value
   Name	Kindo Agent Webhook
   Endpoint	Your Kindo webhook URL (e.g., https://api.kindo.ai/webhook/agent/<workflowId>/<token>)
   Authentication	No authentication (the secret token is embedded in the URL)

3. Click Submit.

Step 2: Add an HTTP Method

1. Open the REST Message you just created.

2. In the HTTP Methods related list at the bottom, click New.

3. Fill in the following:

   Field	Value
   Name	POST
   HTTP Method	POST

4. Switch to the HTTP Request tab.

5. In the HTTP Headers section, click Insert a new row and add:

   Name	Value
   Content-Type	application/json

6. In the Content field, paste a JSON payload template. Customize the fields based on what your Kindo agent needs:

   {
     "event_type": "incident_update",
     "incident_number": "${number}",
     "sys_id": "${sys_id}",
     "short_description": "${short_description}",
     "description": "${description}",
     "state": "${state}",
     "priority": "${priority}",
     "urgency": "${urgency}",
     "assigned_to": "${assigned_to}",
     "assignment_group": "${assignment_group}",
     "caller": "${caller_id}",
     "category": "${category}",
     "subcategory": "${subcategory}",
     "created_on": "${sys_created_on}",
     "updated_on": "${sys_updated_on}"
   }

7. Click Auto-generate variables to create variable substitution entries for each ${...} placeholder.

8. Click Submit.

Step 3: Create a Business Rule

The Business Rule tells ServiceNow when to fire the webhook. In this example, it fires whenever an incident is created or updated.

1. Navigate to System Definition > Business Rules and click New.

2. Fill in the top section:

   Field	Value
   Name	Send to Kindo on Incident Update
   Table	Incident [incident]
   Active	Checked
   Advanced	Checked

3. Switch to the When to run tab and configure:

   Field	Value
   When	after
   Insert	Checked
   Update	Checked

   Optionally add Filter Conditions to narrow when the rule fires (e.g., State changes to Resolved).

4. Switch to the Advanced tab and paste the following script:

   (function executeRule(current, previous) {
     try {
       var rm = new sn_ws.RESTMessageV2('Kindo Agent Webhook', 'POST');
       rm.setStringParameterNoEscape('number', current.number.toString());
       rm.setStringParameterNoEscape('sys_id', current.sys_id.toString());
       rm.setStringParameterNoEscape('short_description', current.short_description.toString());
       rm.setStringParameterNoEscape('description', current.description.toString());
       rm.setStringParameterNoEscape('state', current.state.getDisplayValue());
       rm.setStringParameterNoEscape('priority', current.priority.getDisplayValue());
       rm.setStringParameterNoEscape('urgency', current.urgency.getDisplayValue());
       rm.setStringParameterNoEscape('assigned_to', current.assigned_to.getDisplayValue());
       rm.setStringParameterNoEscape('assignment_group', current.assignment_group.getDisplayValue());
       rm.setStringParameterNoEscape('caller_id', current.caller_id.getDisplayValue());
       rm.setStringParameterNoEscape('category', current.category.toString());
       rm.setStringParameterNoEscape('subcategory', current.subcategory.toString());
       rm.setStringParameterNoEscape('sys_created_on', current.sys_created_on.toString());
       rm.setStringParameterNoEscape('sys_updated_on', current.sys_updated_on.toString());
       rm.execute();
     } catch (ex) {
       gs.error('Kindo webhook failed: ' + ex.getMessage());
     }
   })(current, previous);

   Note

   If you customized the JSON payload in Step 2, update the setStringParameterNoEscape calls to match. Each call maps a ${variable} in the payload template to a field on the current record. Use .getDisplayValue() for reference fields (like assigned_to) to send the display name instead of a sys_id.

5. Click Submit.

Step 4: Test the Integration

1. In ServiceNow, create or update an Incident that matches your filter conditions.

2. In Kindo, open the agent and check its run history. You should see a new run triggered by the webhook, with the incident data available in the payload.

3. If the agent did not run, check the following in ServiceNow:

   • Navigate to System Logs > Outbound HTTP Requests.
   • Filter by endpoint containing kindo.ai.
   • Verify the HTTP status code is 200 and review the request body to confirm the payload was sent correctly.

Customizing the Trigger

• Different tables: Replace Incident [incident] with any ServiceNow table (e.g., Change Request, Problem, Service Request) and adjust the payload fields accordingly.
• Conditional triggers: Use the Business Rule’s Filter Conditions to fire only on specific events — for example, only when priority is Critical, or only when state changes to Resolved.
• Run conditions in Kindo: You can also add a natural-language Run Condition on the Direct Webhook URL trigger in Kindo to filter which payloads actually invoke the agent. See Creating Agents — Run Condition for details.

Security Considerations

The Direct Webhook URL contains a cryptographically random secret token. Treat this URL as a secret — anyone who has it can trigger your agent. To rotate the token, delete the trigger in Kindo and create a new one, then update the Outbound REST Message endpoint in ServiceNow.

For more details, see Creating Agents — Security Considerations.