ServiceNow Integration #640
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
added 6 commits
January 2, 2026 10:42
- Added custom_subdomain_name to OpenAI resource for managed identity authentication - Created Speech Service resource with custom subdomain configuration - Added RBAC role assignments for Speech Service (Managed Identity and App Service MI) - Includes Cognitive Services Speech User and Speech Contributor roles - Documentation: Azure Speech managed identity setup guide
- Add comprehensive ServiceNow integration guide with OAuth 2.0 setup - Include OpenAPI specifications for Incident Management and Knowledge Base APIs - Add agent instructions for ServiceNow support agent - Fix GROUP_ACTION_OAUTH_SCHEMA_MERGING: Ensure additionalFields preserved during schema merge - Fix GROUP_AGENT_LOADING: Improve group agent loading reliability - Fix OPENAPI_BASIC_AUTH: Support basic authentication in OpenAPI actions - Fix AZURE_AI_SEARCH_TEST_CONNECTION: Improve AI Search connection testing - Update version to 0.236.012
Contributor
There was a problem hiding this comment.
Pull request overview
This PR adds comprehensive ServiceNow integration documentation and implements four critical bug fixes discovered during ServiceNow integration testing. The changes enable enterprise integrations with ServiceNow for incident management and knowledge base operations while fixing issues affecting OpenAPI authentication, group workspace functionality, and Azure AI Search connectivity testing.
Changes:
- Comprehensive ServiceNow integration documentation including OAuth 2.0 setup guide, agent behavioral instructions, and 7 OpenAPI specifications
- Fix for OpenAPI Basic Authentication credential parsing to support username:password format
- Fix for group action OAuth authentication by adding schema merging (parity with global actions)
- Fix for group agent loading in per-user semantic kernel mode to include all workspace agents
- Fix for Azure AI Search connection testing with managed identity authentication using SDK instead of REST API
- Infrastructure updates for Azure Speech Service with managed identity support and custom subdomain configuration
Reviewed changes
Copilot reviewed 17 out of 19 changed files in this pull request and generated 9 comments.
Show a summary per file
| File | Description |
|---|---|
| docs/how-to/azure_speech_managed_identity_manul_setup.md | New documentation explaining Azure Speech Service managed identity setup requirements (filename has typo) |
| docs/how-to/agents/ServiceNow/SERVICENOW_INTEGRATION.md | Comprehensive ServiceNow integration guide covering setup, configuration, and testing |
| docs/how-to/agents/ServiceNow/SERVICENOW_OAUTH_SETUP.md | Detailed OAuth 2.0 configuration guide for production ServiceNow deployments |
| docs/how-to/agents/ServiceNow/servicenow_agent_instructions.txt | Agent behavioral instructions optimized for ServiceNow operations |
| docs/how-to/agents/ServiceNow/open_api_specs/*.yaml | Seven OpenAPI specification files for ServiceNow APIs (bearer token and basic auth versions) |
| application/single_app/semantic_kernel_plugins/openapi_plugin_factory.py | Adds credential format transformation for basic auth, bearer tokens, and OAuth2 |
| application/single_app/semantic_kernel_loader.py | Adds group agent and action loading for per-user semantic kernel mode |
| application/single_app/route_backend_settings.py | Replaces REST API approach with SDK-based Azure AI Search connection testing |
| application/single_app/route_backend_plugins.py | Adds schema merging to group action routes for OAuth field population |
| deployers/terraform/main.tf | Adds Speech Service resource with custom subdomain and RBAC role assignments |
| application/single_app/static/images/custom_logo.png | Updated custom logo image (binary file) |
| application/single_app/static/images/custom_logo_dark.png | Updated dark theme custom logo image (binary file) |
| application/single_app/config.py | Version bump from 0.236.011 to 0.236.012 |
docs/how-to/agents/ServiceNow/servicenow_agent_instructions.txt
Outdated
Show resolved
Hide resolved
docs/how-to/agents/ServiceNow/open_api_specs/sample_servicenow_incident_api.yaml
Outdated
Show resolved
Hide resolved
application/single_app/semantic_kernel_plugins/openapi_plugin_factory.py
Outdated
Show resolved
Hide resolved
application/single_app/semantic_kernel_plugins/openapi_plugin_factory.py
Outdated
Show resolved
Hide resolved
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…_incident_api.yaml Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…factory.py Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…mplechat-development into servicenow-integration
- Changed 'indexes = list(...)' to '_ = list(...)' - Follows Python convention for discarded return values - AI Search connection test only needs to verify the API call succeeds
…nrelated to this servicenow integration
- OPENAPI_BASIC_AUTH_FIX.md: 0.235.026 → 0.236.012 - GROUP_ACTION_OAUTH_SCHEMA_MERGING_FIX.md: 0.235.028 → 0.236.012 - GROUP_AGENT_LOADING_FIX.md: 0.235.027 → 0.236.012 - AZURE_AI_SEARCH_TEST_CONNECTION_FIX.md: 0.235.004 → 0.236.012"
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
docs/explanation/fixes/v0.236.012/AZURE_AI_SEARCH_TEST_CONNECTION_FIX.md
Outdated
Show resolved
Hide resolved
docs/how-to/agents/ServiceNow/open_api_specs/sample_now_knowledge_latest_spec.yaml
Outdated
Show resolved
Hide resolved
application/single_app/semantic_kernel_plugins/openapi_plugin_factory.py
Outdated
Show resolved
Hide resolved
docs/explanation/fixes/v0.236.012/GROUP_ACTION_OAUTH_SCHEMA_MERGING_FIX.md
Show resolved
Hide resolved
docs/how-to/agents/ServiceNow/open_api_specs/sample_servicenow_incident_api_basicauth.yaml
Outdated
Show resolved
Hide resolved
docs/how-to/agents/ServiceNow/open_api_specs/sample_now_knowledge_latest_spec_basicauth.yaml
Outdated
Show resolved
Hide resolved
…dge_latest_spec.yaml Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…ION_FIX.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…dge_latest_spec_basicauth.yaml Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…_incident_api_basicauth.yaml Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
| # For bearer tokens stored as 'key' type | ||
| if auth_type == 'key' and auth_method == 'bearer': | ||
| token = auth_config.get('key', '') | ||
| debug_print(f"[Factory] Applying basic auth transformation") |
There was a problem hiding this comment.
The debug message on line 164 says "Applying basic auth transformation" but this is actually for bearer token authentication. This should say "Applying bearer auth transformation" to match the context.
Suggested change
| debug_print(f"[Factory] Applying basic auth transformation") | |
| debug_print(f"[Factory] Applying bearer auth transformation") |
| - Removed redundant single-agent loading logic | ||
|
|
||
| 2. **`config.py`** (Line 91) | ||
| - Updated VERSION from "0.235.026" to "0.235.027" |
There was a problem hiding this comment.
The "Files Modified" section states "Updated VERSION from '0.235.026' to '0.235.027'", but the actual change in this PR updates VERSION from "0.236.011" to "0.236.012". While the header correctly indicates this fix is implemented in version 0.236.012, the "Files Modified" section contains outdated version information that may confuse readers. Consider either removing the specific version numbers from the "Files Modified" section or updating them to reflect the actual change (0.236.011 → 0.236.012).
Suggested change
| - Updated VERSION from "0.235.026" to "0.235.027" | |
| - Updated VERSION from "0.236.011" to "0.236.012" |
| - **Parity achieved:** Both global and group routes now call `get_merged_plugin_settings()` | ||
|
|
||
| 2. **`config.py`** | ||
| - Updated VERSION from "0.235.027" to "0.235.028" |
There was a problem hiding this comment.
The "Files Modified" section states "Updated VERSION from '0.235.027' to '0.235.028'", but the actual change in this PR updates VERSION from "0.236.011" to "0.236.012". While the header correctly indicates this fix is implemented in version 0.236.012, the "Files Modified" section contains outdated version information that may confuse readers. Consider either removing the specific version numbers from the "Files Modified" section or updating them to reflect the actual change (0.236.011 → 0.236.012).
Suggested change
| - Updated VERSION from "0.235.027" to "0.235.028" | |
| - Updated VERSION from "0.236.011" to "0.236.012" |
| - URL: `https://devnnnnnn.service-now.com` | ||
| 2. **Navigate to OAuth Application Registry:** | ||
| 2. **Navigate to OAuth Application Registry:** |
There was a problem hiding this comment.
Lines 74 and 75 are duplicate. The instruction "Navigate to OAuth Application Registry:" appears twice consecutively.
Suggested change
| 2. **Navigate to OAuth Application Registry:** |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
ServiceNow Integration Documentation and Bug Fixes
Overview
This PR adds comprehensive documentation for integrating ServiceNow with Simple Chat and fixes four critical bugs that were discovered during the ServiceNow integration testing. The bugs affect OpenAPI actions, group actions, group agents, and Azure AI Search connection testing.
📚 ServiceNow Integration Documentation
What's New
Complete ServiceNow Integration Guide
Documentation Files:
docs/how-to/agents/ServiceNow/SERVICENOW_INTEGRATION.md- Main integration guide (760 lines)docs/how-to/agents/ServiceNow/SERVICENOW_OAUTH_SETUP.md- OAuth 2.0 setup guide (480+ lines)docs/how-to/agents/ServiceNow/servicenow_agent_instructions.txt- Agent instructions (263 lines)docs/how-to/agents/ServiceNow/open_api_specs/- 7 OpenAPI YAML files (both bearer token and basic auth versions)Key Features:
🐛 Bug Fixes
1. OpenAPI Basic Authentication Fix
Issue Behavior:
OpenAPI actions configured with Basic Authentication failed with "session not authenticated" error, even when credentials were correct. The agent would report inability to access the API despite the credentials being stored successfully.
Root Cause:
Mismatch between how the UI stored Basic Auth credentials (as
username:passwordstring inauth.key) and how the OpenAPI plugin factory expected them (as separateusernameandpasswordproperties inadditionalFields).Files Modified:
application/single_app/semantic_kernel_plugins/openapi_plugin_factory.pyReference:
OPENAPI_BASIC_AUTH_FIX.md2. Group Action OAuth Schema Merging Fix
Issue Behavior:
Group actions with OAuth bearer token authentication failed with HTTP 401 Unauthorized errors. When editing a group action, the
additionalFieldsproperty was empty ({}), missing all authentication configuration fields that were present in working global actions.Root Cause:
Group action backend routes (
route_backend_plugins.py) did not callget_merged_plugin_settings()to merge UI form data with OpenAPI schema defaults, while global action routes did. This caused group actions to be saved without authentication configuration fields likeauth_method,base_url, and authentication credentials.Files Modified:
application/single_app/route_backend_plugins.pyReference:
GROUP_ACTION_OAUTH_SCHEMA_MERGING_FIX.md3. Group Agent Loading Fix
Issue Behavior:
Group agents were not appearing in the agent list when per-user semantic kernel mode was enabled. When users selected a group agent, it would fall back to the global "researcher" agent with zero plugins/actions available. Group agents would ask clarifying questions instead of executing available ServiceNow actions.
Root Cause:
The
load_user_semantic_kernel()function only loaded personal agents and global agents (when merge enabled), but completely omitted group agents from groups the user is a member of. The function did not fetch or load group agents despite the user having valid group memberships.Files Modified:
application/single_app/semantic_kernel_loader.pyReference:
GROUP_AGENT_LOADING_FIX.md4. Azure AI Search Test Connection Fix
Issue Behavior:
When clicking "Test Azure AI Search Connection" button on the App Settings "Search & Extract" page with managed identity authentication enabled, the test failed with
NameError: name 'search_resource_manager' is not defined. Even when the variable was defined, bearer token authentication didn't work with Azure AI Search.Root Cause:
The old implementation used a REST API approach with manually acquired bearer tokens, which is fundamentally incompatible with how Azure AI Search handles managed identity authentication on the data plane. Azure AI Search requires SDK-specific authentication handling and rejects bearer tokens acquired through standard
DefaultAzureCredential.get_token()flows.Files Modified:
application/single_app/route_backend_settings.pyReference:
[AZURE_AI_SEARCH_TEST_CONNECTION_FIX.md](https://github.com/user-attachments/files/24832462/AZURE_AI_SEARCH_TEST_CONNECTION_FIX.md) [GROUP_ACTION_OAUTH_SCHEMA_MERGING_FIX.md](https://github.com/user-attachments/files/24832463/GROUP_ACTION_OAUTH_SCHEMA_MERGING_FIX.md) [GROUP_AGENT_LOADING_FIX.md](https://github.com/user-attachments/files/24832464/GROUP_AGENT_LOADING_FIX.md) [OPENAPI_BASIC_AUTH_FIX.md](https://github.com/user-attachments/files/24832465/OPENAPI_BASIC_AUTH_FIX.md) AZURE_AI_SEARCH_TEST_CONNECTION_FIX.md📊 Impact Summary
ServiceNow Integration
Bug Fixes
🔄 Version Update
Updated version from
0.236.011to0.236.012🧪 Testing
All bugs were discovered and validated during ServiceNow integration testing:
📝 Files Changed
Documentation Added:
Code Modified:
config.py- Version updateopenapi_plugin_factory.py- Basic auth credential parsing fixroute_backend_plugins.py- Schema merging for group actionssemantic_kernel_loader.py- Group agent loading in per-user moderoute_backend_settings.py- AI Search test connection with managed identity🎯 Related Issues
These fixes were discovered during ServiceNow integration work and are critical for: