Credential exchange between ServiceNow API and Azure Cloud - Support and Troubleshooting

Credential exchange between ServiceNow API and Azure Cloud Issue  Overview This article will demonstrate about the Credential exchange or handshake between the ServiceNow Cloud Management Platform API and Azure Cloud.

Description During an API call to discover resources in Azure, the API DSL is populated with the credential id and this is sent to the probe. The probe APIProxyProbe is what runs in the ECC queue when we discover any resources in CMP. This probe has a method called getCredentialsById (credential) which uses a factory method to get the Credential details back to the probe. The probe then uses camel context to send the credentials as part of the request header to endpoints. This header is provided to the script that is defined in the CAPI method mapper which uses rest API calls to discover the resources. Understand which script includes are mapped to a particular discovery please check the CAPI method mappers . For eg : http:// /sn_capi_method_mapper.do?sys_id=2686aa710b2322003969a387b6673a6b&sysparm_view=&sysparm_record_target=sn_capi_method_mapper&sysparm_record_row=25&sysparm_record_list=cloud_api%3D30866e310b2322003969a387b6673ae1%5EORDERBYcapi_interface_operation&sysparm_record_rows=37

This is the method mapper that describes ListNodes operation. The Mid Script includes "azure-compute-1.0-ListNodes" runs and discovers the VM in Azure. Camel context is an interface used to represent the context used to configure routes and the policies to use during message exchanges between endpoints. These are the Java class that ServiceNow using CAPIOrchestratorServiceImpl & APIProxyProbe capiSvrScript.findMatchingMid() capiSvrScript.findMatchingMid() is a java scripted API which is responsible to verify the Active MID with Cloud capabilities. In this method, we get all matching mids based on capabilities and target(IP Range) then we get active mid, again, based on capabilities, target, and other parameters. After that, we call the override mid and this script is had coded, we do not expect this to be changed. Additional Information Once the discovery executes the UI action " Get Subscriptions " would perform successful or unsuccessful authorization if the authorization fails it would throw an error here. https:// .service-now.com/sys_ui_action.do?sys_id=5c3f4c1e0b1003003503e0d425673a59&sysparm_view=

Product Documentation Credential handling between MID and Instance: Getting started with credentials Details of encryption between MID Server and Azure: Set up MID Servers to connect Cloud Management to an Azure account Details of MID server Security: MID Server security and encryption