markdomansky
commented
4 years ago So guidance here is going to be the same guidance for any kind of integration. WebJEA is a means to provide a user-friendly interface to a PowerShell script.
-
Start by creating your powershell script to take the desired inputs and communicate with ServiceNow's RestAPI. This is the hard step. There can be as little or as much as you might need in this step. You'll want to consider parameter validation, error checking, determine what you want to output to the user, etc. The same as any script.
-
After you've created your powershell script, you would configure WebJEA to use that script. You define 1 or more groups/users who have access to the command, title, etc.
-
If you're accessing resources on the domain (AD, file share, even local files), you'll want to grant appropriate access to those resources to the gMSA account. For internet resources, you'll want to securely store any appropriate credentials/api keys.
In my experience, what I end up doing is creating powershell scripts that do the work regardless of who calls them (admin in powershell console, or a user in webjea), and then create a separate wrapper script that webjea calls which then has ui-friendly output.
No if you're wanting to have SNOW call WebJEA, that's a different story. WebJEA doesn't currently accept automated calls. I'm not familiar with SNOW, but the limits of what WebJEA will accept are a form POST or GET (url query parameters) to pre-fill properties in a form.
I hope that helps. If you're wanting information on how to integrate powershell with SNOW, you might try powershell.org, or I presume ServiceNow has resources that might be useful.
mukundhan90
stale[bot]
Please share some information / guidance to use RestAPI for SNOW integration with Webjea for AD account creation