Routing MID Server traffic to ServiceNow Instance via Microsoft Azure API Gateway (API Management Services) - Support and Troubleshooting

Routing MID Server traffic to ServiceNow Instance via Microsoft Azure API Gateway (API Management Services) Summary .ns-kb-css-body-editor-container { p { font-size: 12pt; font-family: Lato; color: #000000; } span { font-size: 12pt; font-family: Lato; color: #000000; } h2 { font-size: 24pt; font-family: Lato; color: black; } h3 { font-size: 18pt; font-family: Lato; color: black; } h4 { font-size: 14pt; font-family: Lato; color: black; } a { font-size: 12pt; font-family: Lato; color: #00718F; } a:hover { font-size: 12pt; color: #024F69; } a:target { font-size: 12pt; color: #032D42; } a:visited { font-size: 12pt; color: #00718f; } ul { font-size: 12pt; font-family: Lato; } li { font-size: 12pt; font-family: Lato; } img { display: ; max-width: ; width: ; height: ; } } If you have configured Microsoft Azure API gateway to route the traffic from MID Server to your ServiceNow instance, you might observe several logout events being generated. The logout events are generated because of the Azure API gateway configuration.

Root Cause

The MID Server AMB Client sends two headers with the same name 'Cookie' which carries different information. But when the request from the MID Server is passed through the Microsoft Azure API gateway, the gateway is combing the two headers with the same name 'Cookie' into a single header 'Cookie' separated by comma. The above modification of the Cookie header is causing issues at the ServiceNow instance to validate the AMB session as its unable to parse the Cookie data when the separator is , (comma) instead of ; (semi-colon). Due to the above issue, a logout event is generated for each such AMB session invalidated message. Therefore, huge number of logout events will be generated due to the AMB session invalidated message for the connectivity attempts from all the MID Servers using the Azure API gateway. You can also validate the above by configuring the MID Server to directly connect with the ServiceNow instance, no logout events will generate and the AMB session validates successfully.

Temporary Fix

We can disable the AMB on the MID Servers by configuring the MID Server parameter 'mid.disable_amb=true'. With AMB disabled on the MID Servers, there should not be any performance issues and the MID Server still remains fully functional. The logout events will not be generated for the MID Servers if AMB is disabled, and the event queue will not be impacted further by this issue.

Permanent Solution

You need to work with your Azure team to modify the header policy and pass the Cookie headers separated by semi-colon instead of comma for the AMB session to get validated successfully. You can continue using the MID Server parameter 'mid.disable_amb=true' until the above change is made on the Azure API gateway to prevent logout events from being generated.

Related Links .ns-kb-css-body-editor-container { p { font-size: 12pt; font-family: Lato; color: #000000; } span { font-size: 12pt; font-family: Lato; color: #000000; } h2 { font-size: 24pt; font-family: Lato; color: black; } h3 { font-size: 18pt; font-family: Lato; color: black; } h4 { font-size: 14pt; font-family: Lato; color: black; } a { font-size: 12pt; font-family: Lato; color: #00718F; } a:hover { font-size: 12pt; color: #024F69; } a:target { font-size: 12pt; color: #032D42; } a:visited { font-size: 12pt; color: #00718f; } ul { font-size: 12pt; font-family: Lato; } li { font-size: 12pt; font-family: Lato; } img { display: ; max-width: ; width: ; height: ; } } API gateway in Azure API Management mid.disable_amb