Integration accounts should not use the Admin role
Impact area
Security
Severity
High
Affected element
User
Rule number
SN-0438
Impact
External systems accessing ServiceNow with elevated privileges in the ServiceNow instance could mean security risks such as data leaks or unexpected actions. In general, every user should only have the required privileges in order to perform their tasks.
Remediation
Include a dedicated integration user that external systems will use to access the ServiceNow instance. The user should have specific and limited privileges required for the integration.
Time to fix
40 min