No results for ""
EXPAND ALL
  • Home
  • API docs

Setting up the ServiceNow approvals integration

Read time: 7 minutes
Last edited: Nov 01, 2024

Overview

This topic explains how to configure the LaunchDarkly ServiceNow integration for flag approvals.

Prerequisites

In order to complete this topic, you must meet the following prerequisites:

  • You must have a LaunchDarkly account with a Writer, Admin, Owner, or a custom role that allows the createIntegration action on the integration resource.
  • You must have an existing ServiceNow account with the admin role.
  • You must have a ServiceNow Client ID. To learn how to create these, search for "Get the Client ID and Client Secret" in ServiceNow's documentation and choose the article for your ServiceNow version.
  • You must have a secret for an OAuth API endpoint for external clients. To learn how to create these, search for "Create an OAuth API endpoint for external clients" in ServiceNow's documentation and choose the article for your ServiceNow version.
  • You must have an existing ServiceNow standard change template that you want to use for all proposed changes originating from LaunchDarkly. We recommend creating a dedicated template for LaunchDarkly changes. To learn how to propose a new standard change template, search for "Propose a standard change template" in ServiceNow's documentation and choose the article for your ServiceNow version.
    • If you do not use a ServiceNow standard change template, we recommend using the Custom approvals integration instead.
  • If your ServiceNow instance has IP address access control enabled, you must create inbound ServiceNow IP access control rules corresponding to the outboundAddresses from LaunchDarkly's public IP list. To learn how to create IP access control rules, search for "IP Address Access Control" in ServiceNow's documentation and choose the article for your ServiceNow version.

Set up the ServiceNow integration in LaunchDarkly

To use the ServiceNow integration to perform flag approvals, you must first establish an OAuth connection between your LaunchDarkly and ServiceNow accounts.

After you create the connection, you can either:

To establish an OAuth connection:

  1. Log in to ServiceNow.
  2. Complete ServiceNow's instructions for creating an endpoint for external clients, including saving the redirect URL.
  3. Navigate to the LaunchDarkly Integrations page and find "ServiceNow."
  4. Click Configure. The integration menu appears.
  5. Click Connect to ServiceNow. An OAuth provider registration dialog appears.
  6. Copy the Redirect URL to your clipboard.
LaunchDarkly's ServiceNow OAuth provider registration form.
LaunchDarkly's ServiceNow OAuth provider registration form.
  1. In ServiceNow, set the Redirect URL to the redirect URL saved to your clipboard in step 2. Ensure you are following the directions for your ServiceNow version.
The ServiceNow external client endpoint registration form with the Redirect URL configured.
The ServiceNow external client endpoint registration form with the Redirect URL configured.
  1. In LaunchDarkly's OAuth provider registration dialog, enter your ServiceNow host URL. For example, if your ServiceNow instance is hosted at https://launchdarkly.service-now.com, enter https://launchdarkly.service-now.com.
  2. Enter the Client ID and Client Secret for the client you created in step 5.
  3. Click Register OAuth Provider.
  4. Click Allow. ServiceNow may prompt you to log in to your ServiceNow account at this step.

Your LaunchDarkly and ServiceNow accounts are now connected. Next, enable the ServiceNow approvals integration for your LaunchDarkly environment.

Configure a LaunchDarkly environment to use ServiceNow for approvals

By default, LaunchDarkly's approvals request feature only creates approval requests in LaunchDarkly. You can change this behavior so LaunchDarkly creates change requests in ServiceNow. To do this, you must update your chosen environment's approval settings.

Here's how:

  1. Click the project dropdown. The project menu appears:
The project menu.
The project menu.
  1. Select Project settings.
  2. Select Environments. The Environments list appears.
  3. Click the overflow menu on the environment you wish to configure.
  4. Select Approval settings. The "Approval settings for environment" panel appears.
  5. Change the Approval system from "LaunchDarkly" to "ServiceNow."
  6. Select the ServiceNow standard change template you wish to utilize for all proposed changes in this environment. All change requests created by LaunchDarkly will include relevant details for the Short description, Justification, and Requested by fields. We recommend choosing a template with all other change request fields pre-populated.
  7. (Optional) Fill in the Detailed information column name field with the name of the ServiceNow Change Request column you would like LaunchDarkly to populate with detailed approval request information. This field defaults to justification if you do not provide a value.
  8. (Optional) Select the Require approvals for this environment checkbox to require approval for flag targeting changes in this environment. If you select this, then you must also choose:
  • Whether to require approval for all flags, or only for flags matching the provided tags. While tags are global across environments, this setting applies only to flags in the current environment.
  • Whether to allow scheduled changes for a flag to be deleted without approval in this environment.
  1. Choose whether to Automatically apply flag changes in LaunchDarkly when associated external change requests are approved.
  2. Click Save settings.

LaunchDarkly environment approval settings with ServiceNow configured.
LaunchDarkly environment approval settings with ServiceNow configured.

Create a LaunchDarkly workflow in ServiceNow for manual approvals

You can create your workflow using either of these two ServiceNow workflow creation methods:

  • Flow Designer
  • Workflow Editor

To learn more, search for "Flow Designer" and "Workflow Editor" in ServiceNow's documentation and choose the articles for your ServiceNow version.

The screenshots below are from the Flow Designer, but you can create a workflow the same triggers, actions, and conditions using the Workflow Editor if you prefer.

To create a LaunchDarkly approvals workflow in ServiceNow:

  1. Create a new Workflow Trigger for record "Created" on the "Change Request [change_request]" table. To learn how to do this, search for "Create Security Operations workflow triggers" in ServiceNow's documentation and choose the article for your ServiceNow version.
  2. Set two conditions on your trigger: "State" is "New" and "Standard Change Template version," "Template," "Name" is "LaunchDarkly template."
A configured Workflow Trigger in the ServiceNow Flow Designer.
A configured Workflow Trigger in the ServiceNow Flow Designer.
  1. Add a new "Ask For Approval" Action on your Trigger Change Request Record and set the approval rules.
A ServiceNow "Ask For Approval" action configuration.
A ServiceNow "Ask For Approval" action configuration.
  1. Add an if condition that requires Approval State is "Approved."
A ServiceNow if condition configured for change request approvals.
A ServiceNow if condition configured for change request approvals.
  1. Add two "Update Change Request Record" Actions as extensions of the if condition.
  • Set the first Action to "Update Record" with "State" "Scheduled" on the latest version of the triggering Change Request Record.
  • Set the second Action to "Update Record" with "State" "Implement" on the latest version of the triggering Change Request Record.
You must use two update actions

ServiceNow requires change request records to move through states in a certain order, so you must create two separate actions that move the record "State" first to "Scheduled" and then to "Implement." The record must end in the "Implement" state for LaunchDarkly to process the approval.

A ServiceNow update change request record action that moves the "State" to "Scheduled."
A ServiceNow update change request record action that moves the "State" to "Scheduled."
  1. As an extension of the else condition, add an "Update Change Request Record" Action that moves the "State" to "Canceled." LaunchDarkly uses this state to determine that the approval request has been rejected.
A ServiceNow update change request record action that moves the "State" to "Canceled."
A ServiceNow update change request record action that moves the "State" to "Canceled."

You can now request manual approvals in ServiceNow for flag changes in LaunchDarkly.

A complete ServiceNow workflow for LaunchDarkly manual flag approvals.
A complete ServiceNow workflow for LaunchDarkly manual flag approvals.

Create a LaunchDarkly workflow in ServiceNow for automatic approvals

Automatic approval workflows create a correlating ServiceNow Change Request for any LaunchDarkly flag changes. Automatic approvals are for record-keeping only and no actual approval is requested. Automatic approval workflows resemble manual approval workflows but without the approval Action.

To create an automatic approval workflow:

  1. Create a new Workflow Trigger for record "Created" on the "Change Request [change_request]" table. To learn how to do this, search for "Create Security Operations workflow triggers" in ServiceNow's documentation and choose the article for your ServiceNow version.
  2. Set two conditions on your trigger:
  • "State" is "New"
  • "Standard Change Template version," "Template," "Name" is "LaunchDarkly auto-approve template"
A Workflow Trigger in the ServiceNow Flow Designer.
A Workflow Trigger in the ServiceNow Flow Designer.
  1. Add two "Update Change Request Record" Actions as extensions of the if condition.
  2. On the first Action, set the Action to "Update Record" on the latest version of the triggering Change Request Record. Set "State" to "Scheduled."
  3. On the second Action, set the Action to "Update Record" on the latest version of the triggering Change Request Record. Set "State" to "Implemented."
You must use two update actions

ServiceNow requires change request records to move through states in a certain order, so you must create two separate actions that move the record "State" first to "Scheduled" and then to "Implement." The record must end in the "Implement" state for LaunchDarkly to be able to process the record.

A ServiceNow update change request record action that moves the "State" to "Implemented."
A ServiceNow update change request record action that moves the "State" to "Implemented."

You can now track your LaunchDarkly flag changes in ServiceNow.

A completed ServiceNow workflow for LaunchDarkly "automatic" approvals.
A completed ServiceNow workflow for LaunchDarkly "automatic" approvals.