Instance scan findings

  • Release version: Yokohama
  • Updated January 30, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Instance scan findings

    This document outlines the common findings reported after an instance scan in the Yokohama release (updated January 30, 2025) for ServiceNow customers. After completing the scan, the findings appear in the Scan Findings related list on the Scan Result form. These findings help identify configuration and integration issues, mainly related to connection aliases, OAuth settings, credentials, and calendar synchronization.

    Show full answer Show less

    Key Findings

    • Connection and Credential Aliases: Issues such as missing or invalid connection aliases, multiple or no connections linked to an alias, incorrect connection URLs, and invalid or inactive credentials associated with connections.
    • OAuth Configuration: Problems with OAuth providers and entity profiles including mismatched OAuth scopes and grant types, expired OAuth tokens, invalid token, authorization, or redirect URLs, and missing OAuth entity profiles tied to credentials.
    • Grant Type Requirements: For connections using the Authorization Code grant type, the provider must have Strict mode enabled with a valid Strict mode email configured.
    • Synchronization and Subscription Issues: Missing or inactive providers for synchronization, multiple or expired subscriptions, inactive calendar providers, mismatched or duplicate emails in Rsv Sync configurations, and invalid or missing subscriptions.

    Practical Implications for ServiceNow Customers

    These findings highlight potential misconfigurations that can disrupt integrations such as Microsoft Exchange Online calendar synchronization and OAuth-based authentication workflows. Addressing these findings ensures:

    • Reliable and secure connections to external services.
    • Proper OAuth token management and authentication compliance.
    • Effective synchronization of calendar data and subscription management.

    For remediation, customers should refer to the Microsoft Exchange Online calendar synchronization and synchronization prerequisites and implementation guides provided by ServiceNow.

    After the instance scan completes, on the Scan Result form, review the findings in the Scan Findings related list.

    Scan findings

    The following findings are reported in the scan report:
    • Could not find the sn_ex_online_spke.Microsoft_Exchange_Online Connection and credential alias.
    • The Connection & credential alias specified in the Override alias is not a child alias to the sn_ex_online_spke.Microsoft_Exchange_Online Connection and credential alias.
    • There are multiple/no connections associated with the ' + selectedAlias.getValue('name') + ' Connection and credential alias.
    • There are multiple/no connection attributes associated with ' + selectedAlias.getValue('name') + ' Connection and credential alias.
    • Incorrect 'Connection URL' specified in the " + selectedAlias.getValue('name') + " Connection and credential alias."
    • OAuth provider associated with the OAuth Entity Scope - ' + scope + ' is not same as the one associated with OAuth Entity Profile of this scope.
    • The OAuth Scope - ' + scopesExpected[i] + ' must be associated with the grant type ' + grantType + '.
    • The Default grant type of the OAuth provider must be same as the Grant type of the OAuth Entity Profile.'
    • OAuth Token has expired.
    • Please generate an OAuth Token.
    • Invalid token URL associated with Application Registry - ' + applicationRegistryGr.getValue('name') + '.
    • Invalid authorization URL associated with Application Registry - ' + applicationRegistryGr.getValue('name') + '.
    • Invalid redirect URL associated with Application Registry - ' + applicationRegistryGr.getValue('name') + '.
    • There is no OAuth Entity Profile associated with the credential - ' + credentialGr.getValue('name') + '.
    • There is no credential associated with the connection - ' + connectionGr.getValue('name') + '.
    • There is no active credential associated with the connection - ' + connectionGr.getValue('name') + '.
    • Invalid Credential record associated with connection - ' + connectionGr.getValue('name') + '.
    • If the grant type of the connection (linked with provider) is set as Authorization Code, the provider must have Strict mode enabled with a valid Strict mode email.
    • Synchronization is not configured - could not find an active provider.
    • There are multiple subscriptions associated with this resource.
    • Calendar provider associated with this Rsv Sync Configuration is inactive.
    • Could not find an email with this Rsv Sync configuration.
    • The Rsv Sync configuration email must be same as the email specified in the 'Email' field of the location record.
    • The same email is associated with a different Rsv sync configuration.
    • The Subscription has expired.
    • The Subscription status is ' + status + '.
    • Invalid Subscription.
    • Could not find a subscription for this Rsv Sync Configuration.
    To fix a finding, refer to the following: