Tips for writing integrations

  • Release version: Yokohama
  • Updated January 30, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Tips for writing integrations

    This guidance helps ServiceNow customers avoid common pitfalls when developing integrations, especially within the Security Operations suite. It emphasizes leveraging existing ServiceNow platform capabilities and integration frameworks to create more efficient, maintainable, and stable integrations.

    Show full answer Show less

    Key Features

    • Use platform functionality whenever possible: Prefer native ServiceNow features such as outbound web services (REST and SOAP) for communication with third-party systems, and data sources/import sets/transform maps to process and insert data into ServiceNow tables, rather than building custom solutions.
    • Utilize Security Operations integration frameworks: These frameworks address common challenges like handling paginated data, data transformation, and rate limiting. Before creating new functionality, verify if an existing framework supports your use case to avoid redundant work.
    • Extend existing frameworks when needed: Security Operations integration tables and scripts are designed to be extensible. Customize them to fit your unique integration requirements while maintaining compatibility.
    • Provide feedback to ServiceNow: Report any integration issues encountered during development or testing to Customer Service and Support. This feedback can influence improvements in future releases, benefiting all customers.
    • Test integrations under realistic load conditions: Because integrations operate within scoped applications with platform-imposed limits, ensure your integration can gracefully handle large volumes or long-running processes by implementing pagination or data chunking in API requests.

    Key Outcomes

    By following these guidelines, ServiceNow customers can develop integrations that are robust, scalable, and maintainable. Leveraging platform and Security Operations framework functionalities reduces development effort, enhances system stability, and facilitates smoother integration maintenance and upgrades over time.

    Avoid some of the pitfalls you can encounter when writing your own integrations by following these guidelines.

    Use ServiceNow platform functionality whenever possible

    Mostly, the integration capabilities built into Security Operations applications (Security Incident Response, Threat Intelligence, and Vulnerability Response) are intended to enhance or streamline existing ServiceNow platform integration functionality. When writing integrations, always make sure to use platform functionality when it exists. Here are some common ServiceNow functionalities that can be used rather than “rolling-your-own.”

    • Outbound web services – for most interactions with third-party systems, communication are through web services. In those cases, utilize platform outbound web services (REST and SOAP are supported).
    • A data sources/import sets/transform map – for processing data and inserting into ServiceNow tables, the preferred mechanism is to use data sources and associated components.

    Use Security Operations integration frameworks whenever possible

    Because Security Operations integration mechanisms have solved many common problems, it is not necessary to reimplement basic functionalities for every integration. For example, the vulnerability data and threat source frameworks support handling multiple pages and passing that data to data sources/transforms/import sets. Similarly, the scan or lookup source framework provides configurable rate limiting functionality. As a rule, when implementing a feature or set of features, check to see if the existing Security Operations integration framework covers your use case. If so, use that framework.

    Extend the existing Security Operations integration frameworks as needed

    Most of the tables and scripts used by Security Operations integration frameworks were intended to be extended to suit future needs. If a use case is encountered while you are writing an integration, extend an integration table or script to better suit that use case.

    Provide feedback to ServiceNow for issues encountered during integration

    As an integration is being developed or tested, be sure to provide feedback when issues are encountered. Even if a workaround is required, Customer Service and Support personnel can provide an improvement in future releases that could alleviate the issue for future integrations.

    Test under reasonable load

    A common issue with integrations is that they are not equipped to handle realistic loads. Because each integration is a scoped application, there are more limitations imposed by the platform to ensure system stability. These limitations may result in long running jobs or API calls being terminated. You can ensure that long running processes or processes that process lots of data are handled gracefully by reducing the time each call or process takes (usually by providing a means of paginating API requests or chunking large sets of data).