Example custom scripts for Password Reset
Summarize
Summarized using AI
This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.
Summary of Example Custom Scripts for Password Reset
This document provides example scripts for implementing a password reset functionality in ServiceNow. The scripts demonstrate how to perform user account lookups, process identification forms, define credential stores, and create identification types, which are crucial for ensuring secure and efficient password management.
Show less
Key Features
- User Account Lookup: Utilizes an extension to find user accounts based on their user ID.
- Identification Form Processing: Processes form submissions to verify user identity and return the corresponding user sysid.
- Credential Store Definition: Enables the setup of a credential store for managing user account IDs.
- Extension Scripts: Includes sample scripts that can be modified for custom requirements.
Key Outcomes
By implementing these scripts, ServiceNow customers can:
- Streamline the password reset process by automating user account lookups and identity verification.
- Ensure that user identification is accurately processed, returning sysids for verified users.
- Facilitate the integration of custom extensions to enhance password reset capabilities.
The example scripts perform a user account lookup and processes an identification form, define a credential store, and create an identification type.
Perform a user account lookup and process an identification form
The main script calls two extension scripts, one to perform the user account lookup, and the other to process the identification form.// User account lookup
var lookupExtensionSysId = getExtensionScriptSysId('SampleUserAccountLookupExtension', 'user_account_lookup');
var lookupExtension = new SNC.PwdExtensionPoint(lookupExtensionSysId);
// Setup parameters required for this extension type - userId
var params = new SNC.PwdExtensionPointParameter() ;
params.userId= 'joe.employee';
// Invoke the extension
var answer = lookupExtension.process(params);
gs.print('user: ' + answer);
//Form processor sample - Identification form processor
var identExtensionSysId = getExtensionScriptSysId('SampleIdentificationProcessorExtension', 'identification_form_processor');
var identificationExtension = new SNC.PwdExtensionPoint(identExtensionSysId);
// Setup parameters required for this extension type - processId
var params = new SNC.PwdExtensionPointParameter() ;
params.processId = 'pwdreq1234';
// Simulate the posted form parameter for the indentification processor
var request = new SNC.PwdExtensionPointParameter() ; // A real life case will inject it's own request object
request.setParameter('sysparm_user_id', 'joe.employee');
var userIdentity = identificationExtension.processForm(params, request);
gs.print('identity: ' + userIdentity);
// Simple helper to return the sys-id for a given extension script
function getExtensionScriptSysId(scriptName, category) {
var result;
var now_GR = new GlideRecord('sys_script_include');
gr.addQuery('name', scriptName);
gr.addQuery('script', 'CONTAINS', 'category: \'password_reset.extension.' + category + '\'');
gr.query();
if (gr.next() ) {
result = gr.getValue('sys_id');
}
return result;
}Define a credential store
The following is an example of an extended process function in the User Account Lookup category used to define a credential store. To create this extension script, go to and create a new script as described in Create an Extension Script. To configure the User Lookup in a Password Reset process, see Credential Stores.
<?xml version="1.0" encoding="UTF-8"?>
<record_update table="sys_script_include">
<sys_script_include action="INSERT_OR_UPDATE">
<active>true</active>
<client_callable>false</client_callable>
<description>Simple account lookup that returns the supplied user id</description>
<name>SampleUserAccountLookupExtension</name>
<script><![CDATA[var SampleUserAccountLookupExtension = Class.create();
SampleUserAccountLookupExtension.prototype = {
category: 'password_reset.extension.user_account_lookup', // DO NOT REMOVE THIS LINE!
/**********
* Returns the credential-store account id for a given user
*
* @param params.userId The sys-id of the user being checked (table: sys_user)
* @return The credential-store account-id (string) for a given user
**********/
process: function(params) {
return params.userId;
},
type: 'SampleUserAccountLookupExtension'
};]]></script>
<sys_created_by>admin</sys_created_by>
<sys_created_on>2013-07-30 16:44:55</sys_created_on>
<sys_id>2df5a103d73201002bb9af728e610333</sys_id>
<sys_mod_count>1</sys_mod_count>
<sys_updated_by>admin</sys_updated_by>
<sys_updated_on>2013-07-30 16:46:00</sys_updated_on>
</sys_script_include>
<sys_app_file action="INSERT_OR_UPDATE">
<customer_update>false</customer_update>
<publish_override/>
<replace_on_upgrade>false</replace_on_upgrade>
<restore/>
<sys_app/>
<sys_code>!!1W4/</sys_code>
<sys_created_by>admin</sys_created_by>
<sys_created_on>2013-07-30 16:44:55</sys_created_on>
<sys_id>8306e143d73201002bb9af728e6103d3</sys_id>
<sys_mod_count>0</sys_mod_count>
<sys_name>SampleUserAccountLookupExtension</sys_name>
<sys_parent/>
<sys_path>!!1W4/</sys_path>
<sys_policy/>
<sys_source_deleted>false</sys_source_deleted>
<sys_source_id>2df5a103d73201002bb9af728e610333</sys_source_id>
<sys_source_table>sys_script_include</sys_source_table>
<sys_type>code</sys_type>
<sys_update_name>sys_script_include_2df5a103d73201002bb9af728e610333</sys_update_name>
<sys_updated_by>admin</sys_updated_by>
<sys_updated_on>2013-07-30 16:46:00</sys_updated_on>
</sys_app_file>
</record_update>
Create an identification type
The following is an example of an extended processForm function in the Identification Form Processor category that can be used to create an identification type. To create this extension script, go to and create a new script as described in Create an Extension Script.
<?xml version="1.0" encoding="UTF-8"?>
<record_update table="sys_script_include">
<sys_script_include action="INSERT_OR_UPDATE">
<active>true</active>
<client_callable>false</client_callable>
<description>Script that processes an identification form.
Returns the sys-id of the user that corresponds to the requested input; if no user was found, null should be returned.
</description>
<name>SampleIdentificationProcessorExtension</name>
<script><![CDATA[var SampleIdentificationProcessorExtension = Class.create();
SampleIdentificationProcessorExtension.prototype = {
category: 'password_reset.extension.identification_form_processor', // DO NOT REMOVE THIS LINE!
/**********
* Process the identification form request, and returns the user's sys_id. if user was not identified return null.
*
* @param params.processId The sys-id of the calling password-reset process (table: pwd_process)
* @param request The form request object. fields in the form can be accessed using: request.getParameter('<element-id>')
* Supported request paramters:
* sysparm_user_id - the user identifier value entered in the form.
* @return The sys-id of the user that corresponds to the requested input; if no user was found, null should be returned.
**********/
processForm: function(params, request) {
return request.getParameter('sysparm_user_id') + '_' + params.processId;
},
type: 'SampleIdentificationProcessorExtension'
};]]></script>
<sys_created_by>admin</sys_created_by>
<sys_created_on>2013-07-30 17:00:28</sys_created_on>
<sys_id>3a79a503d73201002bb9af728e610349</sys_id>
<sys_mod_count>1</sys_mod_count>
<sys_updated_by>admin</sys_updated_by>
<sys_updated_on>2013-07-30 17:08:41</sys_updated_on>
</sys_script_include>
<sys_app_file action="INSERT_OR_UPDATE">
<customer_update>false</customer_update>
<publish_override/>
<replace_on_upgrade>false</replace_on_upgrade>
<restore/>
<sys_app/>
<sys_code>!!1W5/</sys_code>
<sys_created_by>admin</sys_created_by>
<sys_created_on>2013-07-30 17:00:28</sys_created_on>
<sys_id>4799ed03d73201002bb9af728e610333</sys_id>
<sys_mod_count>0</sys_mod_count>
<sys_name>SampleIdentificationProcessorExtension</sys_name>
<sys_parent/>
<sys_path>!!1W5/</sys_path>
<sys_policy/>
<sys_source_deleted>false</sys_source_deleted>
<sys_source_id>3a79a503d73201002bb9af728e610349</sys_source_id>
<sys_source_table>sys_script_include</sys_source_table>
<sys_type>code</sys_type>
<sys_update_name>sys_script_include_3a79a503d73201002bb9af728e610349</sys_update_name>
<sys_updated_by>admin</sys_updated_by>
<sys_updated_on>2013-07-30 17:08:41</sys_updated_on>
</sys_app_file>
</record_update>Use the process and processForm extensions
This example shows a script that uses two sample extensions, one process extension and one processForm extension.
// User account lookup
var lookupExtensionSysId = getExtensionScriptSysId('SampleUserAccountLookupExtension','user_account_lookup');
var lookupExtension =new SNC.PwdExtensionPoint(lookupExtensionSysId);
// Setup parameters required for this extension type - userId
var params =new SNC.PwdExtensionPointParameter();
params.userId='joe.employee';
// Invoke the extension
var answer = lookupExtension.process(params);
gs.print('user: '+ answer);
//Form processor sample - Identification form processor
var identExtensionSysId = getExtensionScriptSysId('SampleIdentificationProcessorExtension','identification_form_processor');
var identificationExtension =new SNC.PwdExtensionPoint(identExtensionSysId);
// Setup parameters required for this extension type - processId
var params =new SNC.PwdExtensionPointParameter();
params.processId='pwdreq1234';
// Simulate the posted form parameter for the indentification processor
var request =new SNC.PwdExtensionPointParameter();// A real life case will inject it's own request object
request.setParameter('sysparm_user_id','joe.employee');
var userIdentity = identificationExtension.processForm(params, request);
gs.print('identity: '+ userIdentity);
// Simple helper to return the sys-id for a given extension scriptfunction
getExtensionScriptSysId(scriptName, category){
var result;
var now_GR =new GlideRecord('sys_script_include');
gr.addQuery('name', scriptName);
gr.addQuery('script','CONTAINS','category: \'password_reset.extension.'+ category +'\'');
gr.query();
if(gr.next()){
result = gr.getValue('sys_id');}return result;}process
function:
<?xml version="1.0" encoding="UTF-8"?><record_update table="sys_script_include"><sys_script_include action="INSERT_OR_UPDATE"><active>true</active><client_callable>false</client_callable><description>Simple account lookup that returns the supplied user id</description><name>SampleUserAccountLookupExtension</name><script><![CDATA[var SampleUserAccountLookupExtension =Class.create();
SampleUserAccountLookupExtension.prototype={
category:'password_reset.extension.user_account_lookup',// DO NOT REMOVE THIS LINE!
/**********
* Returns the credential-store account id for a given user
*
* @param params.userId The sys-id of the user being checked (table: sys_user)
* @return The credential-store account-id (string) for a given user
**********/
process:function(params){return params.userId;},
type:'SampleUserAccountLookupExtension'
};]]></script><sys_created_by>admin</sys_created_by><sys_created_on>2013-07-3016:44:55</sys_created_on><sys_id>2df5a103d73201002bb9af728e610333</sys_id><sys_mod_count>1</sys_mod_count><sys_updated_by>admin</sys_updated_by><sys_updated_on>2013-07-3016:46:00</sys_updated_on></sys_script_include><sys_app_file action="INSERT_OR_UPDATE"><customer_update>false</customer_update><publish_override/><replace_on_upgrade>false</replace_on_upgrade><restore/><sys_app/><sys_code>!!1W4/</sys_code><sys_created_by>admin</sys_created_by><sys_created_on>2013-07-3016:44:55</sys_created_on><sys_id>8306e143d73201002bb9af728e6103d3</sys_id><sys_mod_count>0</sys_mod_count><sys_name>SampleUserAccountLookupExtension</sys_name><sys_parent/><sys_path>!!1W4/</sys_path><sys_policy/><sys_source_deleted>false</sys_source_deleted><sys_source_id>2df5a103d73201002bb9af728e610333</sys_source_id><sys_source_table>sys_script_include</sys_source_table><sys_type>code</sys_type><sys_update_name>sys_script_include_2df5a103d73201002bb9af728e610333</sys_update_name><sys_updated_by>admin</sys_updated_by><sys_updated_on>2013-07-3016:46:00</sys_updated_on></sys_app_file></record_update>processForm
function:
<?xml version="1.0" encoding="UTF-8"?><record_update table="sys_script_include"><sys_script_include action="INSERT_OR_UPDATE"><active>true</active><client_callable>false</client_callable><description>Script that processes an identification form.
Returns the sys-id of the user that corresponds to the requested input;if no user was found,null should be returned. </description><name>SampleIdentificationProcessorExtension</name><script><![CDATA[var SampleIdentificationProcessorExtension =Class.create();
SampleIdentificationProcessorExtension.prototype={
category:'password_reset.extension.identification_form_processor',// DO NOT REMOVE THIS LINE!
/**********
* Process the identification form request, and returns the user's sys_id. if user was not identified return null.
*
* @param params.processId The sys-id of the calling password-reset process (table: pwd_process)
* @param request The form request object. fields in the form can be accessed using: request.getParameter('<element-id>')
* Supported request paramters:
* sysparm_user_id - the user identifier value entered in the form.
* @return The sys-id of the user that corresponds to the requested input; if no user was found, null should be returned.
**********/
processForm:function(params, request){return request.getParameter('sysparm_user_id')+'_'+ params.processId;},
type:'SampleIdentificationProcessorExtension'
};]]></script><sys_created_by>admin</sys_created_by><sys_created_on>2013-07-3017:00:28</sys_created_on><sys_id>3a79a503d73201002bb9af728e610349</sys_id><sys_mod_count>1</sys_mod_count><sys_updated_by>admin</sys_updated_by><sys_updated_on>2013-07-3017:08:41</sys_updated_on></sys_script_include><sys_app_file action="INSERT_OR_UPDATE"><customer_update>false</customer_update><publish_override/><replace_on_upgrade>false</replace_on_upgrade><restore/><sys_app/><sys_code>!!1W5/</sys_code><sys_created_by>admin</sys_created_by><sys_created_on>2013-07-3017:00:28</sys_created_on><sys_id>4799ed03d73201002bb9af728e610333</sys_id><sys_mod_count>0</sys_mod_count><sys_name>SampleIdentificationProcessorExtension</sys_name><sys_parent/><sys_path>!!1W5/</sys_path><sys_policy/><sys_source_deleted>false</sys_source_deleted><sys_source_id>3a79a503d73201002bb9af728e610349</sys_source_id><sys_source_table>sys_script_include</sys_source_table><sys_type>code</sys_type><sys_update_name>sys_script_include_3a79a503d73201002bb9af728e610349</sys_update_name><sys_updated_by>admin</sys_updated_by><sys_updated_on>2013-07-3017:08:41</sys_updated_on></sys_app_file></record_update>