Xray Integration with ServiceNow Spoke

JFrog Integrations Documentation
ft:sourceType
Paligo

The JFrog Xray Spoke integration allows your organization to build automated workflows that interact directly with the JFrog Platform. A Servicenow spoke is a scoped application that includes Flow Designer custom actions or subflows.

Focused on Xray, Artifact, Repository, and JFrog Admin actions. From generating violations reports to creating ignore rules, re-scanning builds and artifacts, assigning custom item properties, and assigning permissions to users and groups, the JFrog Spoke provides out-of-the-box actions that your company can mix-and-match with other ServiceNow workflows to automate your overall IT-operations.

To see a video of this example, click here.

Support

If you need help with this integration, please contact support@jfrog.com.

How It Works

ServiceNow Spokes are applications with predefined actions that customers can use to build workflows on the NOW Platform. The JFrog Spoke has actions that can be combined with other native Spokes from ServiceNow and other third-party tools to create enterprise-grade workflows for vulnerability and change management for all your ITSM needs.

63d8d8a10e95c.png
Major Features Include:

  • Track Xray Vulnerabilities

  • Track License Violations

  • Create Ignore Rules

  • Create Users

  • Update Permissions

  • Generate and Send Xray Violations Reports

  • Trigger Scans of new Artifacts and Builds

  • Manage Custom Item Properties

  • Move, Copy and Delete Artifacts

  • Create, Update, and Delete Watches

  • Create, Update and Delete Policies

  • Manage Group Permissions

  • Ingest Xray data into ServiceNow Tables

Getting Started

Prerequisite: Required ServiceNow Dependencies

Before the spoke is installed, you will need to install the following plugins for the workflow to completely work. The required plugins are:

  • ServiceNow IntegrationHub Starter Pack Installer

  • REST API Builder Backend

JFrog Platform Steps:

Before you begin building a workflow using the JFrog Spoke in ServiceNow, you will need to do some initial setup. To start, you can watch this installation video here and then follow along with the documentation below.

Setup JFrog Spoke with Connection Alias

Most of our actions use the JFrog REST API. In order to use it, users must add their credential to the appropriate connection alias: “JFrog Platform Admin” or ID “x_jfro_xray_spoke.JFrog_Platform_Admin”.

The authentication method uses a bearer token generated from the JFrog platform. To generate a token, go to your profile on the JFrog Platform in the top right hand corner and select “edit profile.” You should see this screen:

63d8d8a5ac525.png

Click that “Generate an Identity Token” button after unlocking this page by entering your password. We will use this identity token to create an API credential and connect it to the aforementioned connection alias. (Do not use the Generate API Key option)

Next: Go to ServiceNow

To connect these credentials in ServiceNow navigate to the Credentials Tab.

63d8d8a9298d8.png

Create a new API Key Credentials