Today, organizations strive to improve productivity and streamline their operations by integrating various applications. With business automation, enterprises can not only remove manual work but also offer better services to keep customers satisfied. To ensure organizations stay on top of their core work, ServiceNow, a leading cloud-based service provider, helps businesses with an integrated and connected set of applications to make organizations efficient in business workflows. As ServiceNow readily avails REST APIs, it not only provides a development platform for business applications but also integrates valuable resources inside and outside the enterprise.
This article explains the working of ServiceNow REST APIs, while also introducing you to the fundamental concepts of REST API.
Prerequisites
- Understanding of Automation
Introduction to REST API
A REST API is an Application Programming Interface (API) that adheres to REpresentational State Transfer (REST) architecture. Roy Fielding, in his thesis, discussed distributed hypermedia systems (2000), described the software design principles mentioning constraints to retain REST architecture style. Today, as REST APIs allow developers to integrate applications, it is the most widely used method for connecting components in microservices architectures.
Below are a few key fundamentals of REST API:
Principles
For an API to be considered RESTful, it must confirm the below principles:
- Decoupled Service: describes the nature of the separation between client and server. With client-server decoupling, portability of user interface and scalability of server components also improve.
- Statelessness: is a constraint that mandates each ‘request’ to include all necessary information offered between client and server without storing any context on the server.
- Cache: helps to mitigate constraints of statelessness. This data helps to streamline client-server interactions.
- Uniform Interface: defines a uniform contract that prohibits using multiple or self-contained interfaces within an API. All API requesting the same resource should look alike (Idempotent), irrespective of where the request was initiated.
- Layered System: makes an architecture to be hierarchical. This constraint limits the interaction of components beyond the immediate layer.
A fully managed No-code Data Pipeline platform like Hevo Data helps you integrate and load data from 150+ Data Sources (Including 60+ Free Data Sources) to a destination of your choice in real time in an effortless manner. Hevo further provides a free Native REST API Connector to help you load data from custom and non-native data sources to your desired destination without writing a single line of code.
Check out some of the cool features of Hevo:
- Seamless Integration: Consolidate data from multiple sources into one destination.
- Single Source of Truth: Ensure accurate and consistent data for your analysis.
- Analysis-Ready Data: Transform and prepare your data for immediate use.
Get Started with Hevo for Free
CRUD Operations
CRUD is an acronym for Create, Read, Update, and Delete commands. Software developers interact with databases using these functions:
- Create: is a procedure to generate new records.
- Read: is a procedure to read/retrieve data.
- Update: is a procedure to modify records (without overwriting).
- Delete: is a procedure to remove (one or more) entries entirely.
Endpoints
API executes an operation using ‘requests’ and ‘responses.’ The location where APIs send requests or where resources live are endpoints. With REST APIs, an endpoint is one end of a communication channel. Each endpoint is a location where REST APIs can access the resources needed to carry out a function.
What is ServiceNow
ServiceNow is a Cloud-based SaaS (Software-as-a-Service) platform that automates organizational processes while delivering a consistent and consumer-friendly experience. As the platform specializes in IT service, operation, and business management, it provides a comprehensive development environment to build, test, and implement applications.
Many new-age companies like AWS, Azure, or Salesforce run on multi-tenant architecture to serve multiple customers with a single instance. However, ServiceNow adapts a multi-instance architecture that creates a unique instance for each employee. Multi-instance architecture isolates software applications, middleware, and databases for each customer, providing data isolation.
Key Features
ServiceNow offers service-based solutions that not only assist users in identifying root cause analysis of encountered issues but also help them in resolving issues manually or automatically.
Below are a few key features supported by ServiceNow:
- Automation in Testing: uses automated validation tests that allow users to fast track their applications into production. It also negates risks for new apps while focusing on functionality. With automation in testing, the unnecessary need for separate test data can be eliminated.
- Predictive Intelligence: is an AI/ML solution that helps reduce error rates and decreases resolution time. This feature automatically clusters groups to get an understanding of records belonging to each group. It also supports TF-IDF- (term frequency-inverse document frequency) based classification to improve query resolution time.
- Analytics and Reporting: are optimized to deliver a better experience in an iterative process. ServiceNow can generate reports by entering a query instead of going through the entire report designer menu. In addition, NLQ (natural language query) bridges the gap between technical and non-technical users to uncover valuable data.
Application
ServiceNow platform offers a highly configurable and extensible cloud platform to provide an enterprise-grade architecture and infrastructure. All applications are built on a single platform that leverages one user interface, one code, and one data model.
Below are a few applications:
- IT Service Management (ITSM): provides high-quality IT services that ensure businesses have a smoother operation. ServiceNow implementation focuses on critical objectives like cost-effective solutions, intelligent automation, data quality, performance analytics, and better return on investment (ROI).
- IT Operations Management (ITOM): helps predict, prevent and automate IT issues before impacting users. With log analytics and anomaly detection, enterprises can proactively trigger their teams to mitigate problems.
- IT Business Management (ITBM): gives transparency and ensures active project communication among the project members for the entire project cycle. ServiceNow not only handles team collaboration but also adopts management strategies that benefit organization goals.
ServiceNow REST API types
As diversity often results in innovation, ServiceNow enables HTTP-based web services to communicate among applications that support both inbound (provider) and outbound (consumer) web services. REST API interacts with various ServiceNow functionality within your application.
Below are a few types of ServiceNow REST API:
Application Service API
Application service API helps to create, modify and update application services. This API requires users to have an administrator role [app_service_admin].
Attachment API
Attachment API allows you to upload or retrieve a single file with each request. This API respects system limitations on uploaded files, providing constraints on file size (1024MB by default) and allowing attachment types.
Batch API
With batch API, a user can send a single request consisting of multiple REST API calls, which returns a stream of responses. This API enables integrators to reduce the time required to send API requests and even create more efficient code for client-side integrations.
Consumer API
Consumer API helps to retrieve and update CSM (customer service management) consumer records. It can also generate new social media profile records when creating a customer.
ServiceNow REST API Rate Limits
Despite API developers ensuring efficient performance and high availability, an API can experience sudden traffic penetration, thereby degrading performance. This is where rate-limiting not only helps APIs in scalability but also is an essential component of internet cybersecurity threats like DoS attacks. Below are steps and limitations for rate limits:
Rate Limits
Excessive inbound REST API requests can be prevented if you set rules that limit the number of inbound REST API requests processed per hour. Customized rules can be created to limit requests for specific users, specific roles, or all users. It should be noted that each node maintains a rate limit count per user and is committed to the database every 30 seconds. Below are the two concepts to understand Rate Limits:
- Priorities: This needs to be enforced if an inbound request matches multiple rate limits. Rate limits are prioritized for users, followed by import_admin roles, ITIL roles, and all users, respectively.
Suppose an ITIL user requests ‘GET /now/v2/table/incident’ for a REST API resource, the request matches three rules — limit incidents, limit incidents by ITIL role, and limit incidents by a user — of the four rate limit priorities (as mentioned above). Here, as the limit incident by a user is highly prioritized, ITIL users can submit a maximum of ten requests per hour.
- Response headers: provide necessary information about rate limit. If a request matches a rate limit rule, inbound REST API requests can be generated using REST API Explorer with the below details:
- ‘X-RateLimit-Limit’ shows the number of requests allowed per hour.
- ‘X-RateLimit-Reset’ shows the time (unix format) until the upcoming scheduled reset.
- ‘X-RateLimit-Rule’ shows the ‘sys_id’ of the rate limit rule.
Steps and Limitations
Create
Creating a rate limit sets a rule for all users, users with specific roles, or all users. Below is the procedure to set a rate limit:
- Navigate to ‘System Web Services,’ select ‘REST’ and click ‘Rate Limit Rules.’
- Now, click on new, and enter the desired values in the rule form.
- Finally, click on submit to bring the new rate limit into effect.
Reset
Reset rate limit resets the rate limit count to zero; it also deletes any violation for the current hour. Below is the procedure to reset a rate limit:
- Navigate to ‘Rate Limit Rules’ and select the rate limit rule that you desire to reset.
- Click the ‘Reset Rate Limit Counts.’
Monitor
Monitor rate limit is used to observe counts and violations for inbound REST API requests restricted by the rate limit rule.
Below is the procedure to monitor the rate limit:
- Navigate to ‘System Web Services,’ select ‘REST’ and click ‘Rate Limits.’
- Select the rate limit rule to monitor rate limit counts and violations.
Investigate
Investigating rate limit violations helps to determine which rate limit rules have exceeded and which users are exceeding those rate limits. To investigate violations, follow the below steps:
- Navigate to ‘System Web Services,’ select ‘REST’ and click ‘Rate Limit Violations.’
- Select the rate limit rule to investigate and review the bi-weekly violations made by users.
Understanding ServiceNow REST API Explorer
ServiceNow REST API Explorer allows you to explore various REST APIs offered by ServiceNow. This module helps in quickly constructing and executing requests as well as viewing responses from ServiceNow REST APIs within your browser. Before beginning, a user account must have rest_api_explorer and web_service_admin roles.
Below steps can help you understand ServiceNow REST API Explorer:
Steps to Navigate ServiceNow REST API Explorer
Suppose you want to view available ServiceNow REST API resources, navigate to ‘System Web Services’, and select ServiceNow REST API Explorer. If a user wants to retrieve existing incidents, follow the below steps:
- Select ‘Table API,’ and version v1 from the top-left corner of the ServiceNow REST API Explorer.
- Click on ‘retrieve records from a table (GET),’ as shown in the below figure.
- Choose the incident table in the path parameters section, and click send. ServiceNow REST API Explorer response includes incident records (first ten records) from the instance. The response also includes link header, status code, and execution time (in milliseconds) of the request as shown below:
Implementing CRUD Operation
All CRUD operations can be performed using ServiceNow REST API Explorer, given a user has admin, web_service_admin, or rest_api_explorer roles.
Following steps can be followed to perform various CRUD operations:
To create an incident record, follow the below steps:
- Click create a record (POST) in the top-left corner of the REST API Explorer.
- Select the incident table in the path parameters section.
- In the request body section, click ‘Add a field,’ and specify a value for that field.
- Once the request is constructed, click send.
To read inserted incident, follow the below steps:
- Click retrieve a record (POST) in the top-left corner of the REST API Explorer.
- Select the incident table in the path parameters section.
- Enter the sys_id of the record and click send.
To update an existing record, follow the below steps:
- Click modify a record (PUT), or update a record (PATCH) in the top-left corner of the REST API Explorer.
- Select the incident table in the path parameters section.
- Enter the sys_id of the record in the sys_id field.
- In the request body section, click ‘Add a field.’
- Specify a new value in the short description field and click send.
To delete an incident record, follow the below steps:
- Click delete a record (DELETE) in the top-left corner of the REST API Explorer.
- Select the incident table in the path parameters section.
- Enter the sys_id of the record in the sys_id field and click send.
Conclusion
ServiceNow integration with REST API assists businesses to excel with a centralized platform that helps organizations monitor progress and accountability to solve issues proactively. Building a ServiceNow REST API connection manually, using API calls can be challenging especially for a beginner & this is where Hevo saves the day.
Try a 14-day free trial and experience the feature-rich Hevo suite firsthand. Also, check out our unbeatable pricing to choose the best plan for your organization.
FAQs
1. Can I limit the fields returned by the ServiceNow API?
The sysparm_fields parameter can be used to specify the fields for an API response, and, therefore, make it more efficient.
2. What is the difference between ServiceNow Table API and Aggregate API?
The Table API is used in ServiceNow to perform CRUD operations on ServiceNow tables; whereas the Aggregate API is used for advanced data aggregation and summarization.
3. How do ServiceNow API rate limits work?
ServiceNow enforces rate limits based on the subscription and usage level of the API user as a protection against overloading, with a default of 1000 requests per hour.
Amit Kulkarni specializes in creating informative and engaging content on data science, leveraging his problem-solving and analytical thinking skills. He excels in delivering AI and automation solutions, developing generative chatbots, and providing data-driven AI & ML solutions. Amit holds a Master's degree and a Bachelor's degree in Electrical Engineering, consistently achieving distinction in his studies.