Cross-instance application trust configuration
Summary of Cross-instance application trust configuration
Cross-instance application trust configuration in ServiceNow Yokohama release enables secure and streamlined management of trust settings across multiple instances in a multi-instance environment. This capability supports communication between instances for enabled applications by defining and propagating trust profiles that specify how instances trust each other to share data and messages.
Using a centralized multi-instance management approach, a designated production instance can control and distribute trust configurations to other instances it manages, simplifying trust setup and maintenance.
Key Features
- Trust Profile: Defines the trust relationships and communication rules for instances participating in a specific application. Each enabled application has its own trust profile, detailing how instances leverage application capabilities to interact securely.
- Propagation of Trust Profiles: Trust profiles can be shared and synchronized automatically across managed instances when a Trust Profile Manager is defined; if none is defined, the trust configuration must be created manually on each instance. Automatic propagation keeps trust settings consistent without per-instance manual configuration.
- Capabilities and Operations: Trust profiles cover application capabilities—groups of operations that enable cross-instance communication—ensuring trusted communication at a granular level for each application feature.
- Trustor and Trustee Roles: The trustor is the instance granting trust to others, allowing them to view data or send messages. The trustee is the trusted instance. Trust relationships are defined per application capability, controlling which instances can communicate and exchange data.
- Trust Configuration Management: Instances can be designated as managing instances (controllers) or managed instances (controlled). Managing instances distribute trust profiles to managed instances, which must grant permission for this automatic distribution. An instance cannot simultaneously be both a manager and a managed instance, and each application within an instance can only be managed by one instance at a time.
Practical Implications for ServiceNow Customers
- Centralize trust configuration management for multi-instance deployments to reduce manual effort and errors.
- Define clear trust profiles per application to control secure cross-instance communication effectively.
- Use the production instance as a trust profile manager to synchronize trust settings across all managed instances with the Sync Trust Profile function.
- Understand trustor and trustee roles to configure who can send and receive messages and data within your instance network.
- Ensure managed instances grant permissions to managing instances to enable automated trust profile propagation and maintain consistent trust configurations.
Multi-instance management provides a mechanism to streamline the management of trust configurations across your entire multi-instance environment.
The multi-instance capability introduces new concepts that describe how communication is supported across instances for enabled applications and their capabilities. To do this securely, you must define how these instances trust each other; that definition is the trust profile. The trust profile defines how a set of instances communicate for a given application. For the profile to take effect on each instance, it must be propagated to the instances that participate in that application.
Multi-instance management offers a centralized mechanism for configuring and maintaining trust settings across your multi-instance deployment. It simplifies propagating trust settings to all instances under your control: you designate a production instance to manage the trust configurations on all the instances it should manage remotely.
Trust concepts
- Trust profile
- The trust profile defines the intended trust configuration of all the instances that participate in a specific application. The trust profile is specific to an enabled application and defines how the instances leverage the application's capabilities to communicate with each other. Once the application's trust profile, with the trust configuration for each instance, is defined, it can be shared with the managed instances. Sharing it triggers the automatic population of the trust tables within those instances. This automation depends on whether a Trust profile manager is defined; if not, the trust configuration must be created manually on each instance.
For example, if you are logged into sub-prod 2 and Prod 1 has management privileges over sub-prod 2, the Sync Trust Profile button on Prod 1 distributes trust profiles to all instances under Prod 1's management, and the updated trust profile is then reflected on sub-prod 2.
- Capabilities and operations
- Capabilities are application features that are leveraged for cross-instance communication. A capability is a group of granular operations that are available as part of the application.
Each enabled application within an instance has a trust profile, which is established for every capability the application exposes. To ensure seamless communication between instances for these capabilities, a trust configuration must be defined. The trust profile encompasses all the necessary trust configurations between instances for a specific application and its capabilities.
- Trustor and Trustee
- The trustor is the instance that trusts other instances to view its data and/or to send it messages; the trusted instance is the trustee. For example, you're logged into Prod 1. There are two other sub-prods: sub-prod 1 and sub-prod 2. If Prod 1 trusts sub-prod 1 and sub-prod 2, then Prod 1 is the trustor and sub-prod 1 and sub-prod 2 are trustees.
Note: Trust is configured on an instance for a given application at the capability level. The table that lists the instances trusted by your instance has three columns: application, capability, and trustee instance.
When instances are required to communicate, they consider the application trust configuration before communicating with each other.
For example, if an enabled application on Prod 1 needs to send a message to Sub-prod 1 and Sub-prod 2, these sub-prods must trust Prod 1 to receive the message and act on it. In this scenario, the sub-prods are the trustors, and Prod 1 is the trustee.
If Prod 1 doesn't trust sub-prod 1 and sub-prod 2, messages from the sub-prods to Prod 1 are not processed.
You can go to the trust table and create a new trust record. See for more information.
Trust configuration management
- Managing instances
- The table shows the instance that is designated as the manager instance for the instance you are logged into. If you are logged into the managing instance, the table will be blank.
For example, you’re logged into Prod 1. The instances shown in the Managing Instances table are the instances that are being managed by Prod 1 for particular applications.
See Configure Manager Instances for more information.
- Managed instances
- The table shows the instances that you are managing.
For example, you’re logged into Prod 1. The instances shown in the Managed Instances table are the instances that Prod 1 is managing for the specified applications.
Managed instances must grant permission to managing instances in order to automatically distribute trust profiles.
Note: An instance can't be both a managing and a managed instance. An instance can manage several instances simultaneously. An application within an instance can be managed by only one instance at a time.
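As an added illustration (this is not ServiceNow code; the class names, instance names and the application name are assumptions), the following JavaScript models the trust table and the trustor/trustee check described under Trust concepts, together with the management rules and the Sync Trust Profile behaviour described in this section:

```javascript
// Trust table rows: (trustor, application, capability, trustee). The trustor accepts
// messages or data requests from the trustee for that application capability.
class TrustTable {
  constructor() { this.rows = new Set(); }
  static key(trustor, app, cap, trustee) { return [trustor, app, cap, trustee].join('|'); }
  grant(trustor, app, cap, trustee) { this.rows.add(TrustTable.key(trustor, app, cap, trustee)); }
  // A message is processed only if the receiver (trustor) trusts the sender (trustee).
  canDeliver(sender, receiver, app, cap) { return this.rows.has(TrustTable.key(receiver, app, cap, sender)); }
}
// Management registry applying the page's rules: an instance is either managing or managed,
// never both; an application on a managed instance has one manager at a time; a managed
// instance must grant permission before profiles are pushed to it.
class Management {
  constructor() { this.managerOf = new Map(); this.managing = new Set(); this.managed = new Set(); this.permitted = new Set(); }
  assign(manager, managed, app) {
    if (this.managed.has(manager) || this.managing.has(managed)) throw new Error(`${manager}/${managed}: cannot be both managing and managed`);
    const k = `${managed}|${app}`;
    if (this.managerOf.has(k) && this.managerOf.get(k) !== manager) throw new Error(`${app} on ${managed} already managed by ${this.managerOf.get(k)}`);
    this.managerOf.set(k, manager); this.managing.add(manager); this.managed.add(managed);
  }
  permit(managed, manager) { this.permitted.add(`${managed}|${manager}`); }
  // Sync Trust Profile: write the profile's rows into the trust table of every managed
  // instance that has granted permission to this manager; returns the instances updated.
  syncTrustProfile(manager, profile, tables) {
    const updated = [];
    for (const [k, m] of this.managerOf) {
      const [managed, app] = k.split('|');
      if (m !== manager || app !== profile.app || !this.permitted.has(`${managed}|${manager}`)) continue;
      for (const e of profile.entries) if (e.trustor === managed) tables.get(managed).grant(managed, app, e.cap, e.trustee);
      updated.push(managed);
    }
    return updated;
  }
}
// Constructed scenario (assumed names): Prod 1 manages sub-prod 1 and sub-prod 2 for one
// application, but only sub-prod 1 has granted permission for automatic distribution.
function demo() {
  const tables = new Map(['prod1', 'subprod1', 'subprod2'].map((i) => [i, new TrustTable()]));
  const mgmt = new Management();
  mgmt.assign('prod1', 'subprod1', 'msg_app'); mgmt.assign('prod1', 'subprod2', 'msg_app');
  mgmt.permit('subprod1', 'prod1');
  const profile = { app: 'msg_app', entries: [
    { trustor: 'subprod1', cap: 'send_message', trustee: 'prod1' },
    { trustor: 'subprod2', cap: 'send_message', trustee: 'prod1' }] };
  const updated = mgmt.syncTrustProfile('prod1', profile, tables);
  return { updated,
    sub1Accepts: tables.get('subprod1').canDeliver('prod1', 'subprod1', 'msg_app', 'send_message'),
    sub2Accepts: tables.get('subprod2').canDeliver('prod1', 'subprod2', 'msg_app', 'send_message'),
    // Prod 1 granted no trust of its own, so messages from sub-prod 1 to Prod 1 are not processed.
    prod1AcceptsFromSub1: tables.get('prod1').canDeliver('subprod1', 'prod1', 'msg_app', 'send_message') };
}
```

Running demo() shows that only the instance that granted permission receives the profile, and that trust is checked in the receiving instance's own table.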