---
title: "ServiceNow App Setup and Installation"
slug: "servicenow-app-setup-and-installation"
updated: 2026-03-27T21:45:30Z
published: 2026-03-27T21:45:30Z
stale: true
---
> ## Documentation Index
> Fetch the complete documentation index at: https://help.nucleussec.com/llms.txt
> Use this file to discover all available pages before exploring further.
# ServiceNow App Setup and Installation
## Overview
The Nucleus ServiceNow App connector integrates directly with ServiceNow through the [Nucleus Security](https://store.servicenow.com/sn_appstore_store.do#!/store/application/1dabaa171b82b0107c89ca22604bcbb7) app found in the ServiceNow Store. It runs within your ServiceNow environment, providing flexible ticketing integration with ServiceNow Incidents or any other table that extends Task. The Nucleus ServiceNow App connector is ideal for advanced workflows or highly customized instances of ServiceNow.
:::(Warning) (Installation Requirement)
The Nucleus Security ServiceNow app is highly configurable to suit your unique ServiceNow configuration and workflow requirements. It is intended to be installed and configured by a Nucleus Security specialist alongside a ServiceNow administrator, as an intimate knowledge of both ServiceNow and Nucleus is required to properly configure the app. Contact your Nucleus customer success representative to set up an onboarding call between yourself, Nucleus and one of your ServiceNow administrators.
:::
## Prerequisites
* Admin permission in your ServiceNow instance to install and configure the app.
* The ServiceNow App connector has been enabled for your Nucleus organization.
:::(Info) (Non-production run through)
We strongly recommend you first complete this entire installation in a non-production Nucleus project (e.g., Sandbox project with sample data) and non-production ServiceNow environment (e.g., UAT instance) prior to configuring in production.
:::
## Install the Nucleus Security app in ServiceNow
1. Navigate to the [**Nucleus Security**](https://store.servicenow.com/sn_appstore_store.do#!/store/application/1dabaa171b82b0107c89ca22604bcbb7) app in the ServiceNow App Store.
1. Click **Get**.
1. Log in with your ServiceNow ID using **admin** permissions.
### Create and configure the local integration user
1. Log in to your ServiceNow instance with **admin** permissions.
1. From the navigation bar on the left, under **User Administration**, select **Users**.
1. Click **New**.
1. In the **User ID** field, enter the username `nucleussec.project` or any custom username of your choice.
1. In the **First Name** field, enter any first name.
1. In the **Last Name** field, enter any last name.
1. Optionally, in the **Title** and **Department** fields, enter any values of your choice.
1. Click **Submit**.
1. From the list of users, select the new user you created.
{width="750"}
1. Ensure **Active** is selected.
1. Click **Set Password** to assign a password for the integration user and make a note of it.
1. Confirm the **Identity type** is set to **Human**.
> **Note:** In older versions, you may need to disable **Web service access only** instead.
1. Select the **Roles** tab.
1. Click **Edit...**.
1. The nucleussec.project service account needs permissions outlined below:
* **Read/write to incident table**
* **Read to sys_dictionary and sys_choice tables**
* **X_nucse_nucleus_sp.nucleus_mapping_user role**
* **X_nucse_nucleus_sp.nucleus_spoke_admin role**
Each ServiceNow instance can be configured differently, but typically these are the roles required to grant read/write to incident and read to sys_dictionary and sys_choice.
* **sn_incident_read**
* **sn_incident_write**
* **cmdb_read**
* **asset**
* **task_editor**
* **itil**
* **x_nucse_nucleus_sp.nucleus_mapping_user**
* **x_nucse_nucleus_sp.nucleus_spoke_admin**
1. Click **Save**.
1. From the navigation bar on the left, search "Nucleus". Under **Nucleus Security**, select **Configuration Properties**.
1. Under **Enable Debug**, optionally check **Yes** to enable full debug output.
:::(Warning)
**NOTE:** Due to the verbosity of debug output, only enable debug output in sub-production environments, unless directed to by Nucleus Support.
:::
1. From the **Logging Verbosity** menu, select **Debug**, **Informational**, **Warning**, or **Error**.
:::(Info)
**NOTE:** Ignore any properties labeled 'Deprecated'.
:::
1. Note the **Logging Destination** field. Logging is written to the Application Log table (`db`) by default.
1. Click **Save**.
## Set up the ServiceNow App connector in Nucleus
You can create one or more ServiceNow App connectors depending on the needs of your teams, workflows and SLA requirements. If tickets for all teams will be the same Ticket Type and configuration, then a single connector is all you will need. If you want to create different Ticket Types and/or configurations for different teams or types of vulnerabilities, you can configure multiple connectors to address your different Use Cases. Common examples for creating multiple connectors includes:
* Creating Incidents with short SLAs for the highest risk vulnerabilities, and creating Service Requests (Catalog Items) for lower risk vulnerabilities.
* Creating connections to different custom Task Tables created to meet the unique requirements across Teams such as differences in SLAs.
Follow the steps below to create a new ServiceNow App connector:
1. Log in to your Nucleus project.
1. From the navigation bar on the left, under **Project Administration**, select **Connector Setup**.
1. Select **ServiceNow App**.
{width="550"}
1. In the **Name** field, enter a name for this connector.
1. Optionally, in the **Description** field, enter a description for this connector.
1. In the **Instance URL** field, enter the URL of your ServiceNow instance. Enter the base path only (e.g., `https://my-instance.service-now.com`).
1. Select the preferred authentication method: **Basic Auth** or **OAuth2**.
- **Basic Auth**:
1. In the **Username** field, enter the username you chose when [creating the user earlier](/v1/docs/servicenow-app-setup-and-installation#create-and-configure-the-local-integration-user).
1. In the **Password** field, enter the password for that user.
1. In the **Shared Secret** field, enter `nucleussecret`, unless otherwise instructed by your Nucleus Security specialist.
- **OAuth2**:
1. Log in to your ServiceNow instance **admin** permissions.
1. From the navigation bar on the left, under **System OAuth**, select **Application Registry**.
1. Click **New**.
1. Click **Create an OAuth API endpoint for external clients**.
1. In the **Name** field, enter a name.
1. Ensure the Application is set to **Nucleus Security**.
1. Click **Submit**.
1. Click on the name of the new application registry you created.
1. Copy the **Client ID**.
1. Copy the **Client Secret**.
1. Return to the Nucleus app.
1. In the **Username** field, enter `nucleussec.project`. If you chose a different username when [creating the user earlier](/v1/docs/servicenow-app-setup-and-installation#create-and-configure-the-local-integration-user) enter that username instead.
1. In the **Password** field, enter [the password of the user you created earlier](/v1/docs/servicenow-app-setup-and-installation#create-and-configure-the-local-integration-user).
1. In the **Client ID** field, enter the Client ID you copied from ServiceNow.
1. In the **Client Secret** field, enter Client Secret you copied from ServiceNow.
1. Click **Connect To ServiceNow**.
1. Download the default mapping table for either **DoubleIncident** or **SingleIncident** configurations provided by a member of the Nucleus team.
1. Click **Save & Finish**.
### Verify the Nucleus Mapping table in ServiceNow
The Nucleus Mapping table is designed to accept requests for actions made by the Nucleus ServiceNow App connector and apply that action with the correct tables and field mappings in ServiceNow. The Nucleus Mapping Table is automatically generated when the ServiceNow App connector in Nucleus first connects to ServiceNow.
To verify that the Mapping table was created:
1. Log in to your ServiceNow instance with **admin** permissions.
1. From the **All** navigation mention, search for **Nucleus Security**, then select **Field Mappings**:
{height="" width="800"}
1. You should see a full set of default mappings that were automatically generated for your Nucleus project.
By default, Nucleus Projects and their corresponding field mappings are configured to create Incident tickets in ServiceNow. The Nucleus Security app supports creating tickets in any ServiceNow table that extends Task. See [Creating Tickets in Non-Incident Task Tables](https://help.nucleussec.com/v1/docs/servicenow-app-setup-and-installation#creating-tickets-in-nonincident-task-tables) for details on how to configure Nucleus to create other types of Task tickets.
### Configure Defaults in the ServiceNow App Connector
The ServiceNow App connector allows you to configure default field values and control how tickets behave when findings are updated or remediated.
To configure defaults and ticket behavior:
1. From **Connector Setup**, locate your ServiceNow connector.
1. Click the **edit (pencil) icon** to modify the connector.
1. Select the **Set Defaults (Optional)** tab.
{height="" width="650"}
#### Set Defaults for Ticket Creation
Configure default values for supported fields (such as CMDB CI, Impact, and Urgency). These defaults apply when manually creating tickets or when tickets are created through automation rules.
- Click **Refresh fields** to load the latest available fields
- Configure values as needed for your environment
- Verify each field loads and displays expected data
#### Closed Ticket Status
Use this setting to control how manually created tickets are updated and closed when associated findings are remediated.
**Enable auto-close for manually created tickets**
When enabled, tickets created manually will be automatically updated and closed when all associated findings are remediated.
- New CSV files are attached when new instances are discovered or remediated
- Tickets are updated as findings change over time
- Tickets are automatically closed when all associated instances are remediated
Auto-close occurs during ticketing automation processing, which runs on scan update or ingest events.
**Do not close tickets for temporary status changes**
When enabled, tickets will not be closed during temporary or non-final status changes. Tickets will only close when findings reach a fully remediated state.
1. Click **Save & Finish** to save your changes.
### Testing the ServiceNow App Connector
With the ServiceNow App connector configured, use the following steps to test the connection and ensure successful configuration of the Nucleus Security application coming in to ServiceNow and out to the Nucleus platform:
1. Log in to your Nucleus project.
1. From the navigation bar on the left, under **Vulnerabilities**, select **Active**.
1. Select a vulnerability.
1. Click **Create Ticket**.
1. Select the **ServiceNow App** connector.
1. Fill in all required fields.
1. Click **Submit to ServiceNow** to test the ticket creation. You should see a success message.
1. In the vulnerability, click on the **Tickets** tab.
1. Verify the "status", "priority", and "assignee" columns are loading correctly.
1. Click the arrow on the far right side of the ticket. A side window will extend out.
1. Verify the description loads correctly.
1. In the **Comment** field, enter a comment.
1. Click **Comment**.
1. In the **External ID** column on the far left, click on the incident number for the ticket. The ticket will open in ServiceNow.
1. Verify the ticket is correctly listed.