Enable WS-Security verification

Administrators can enable Web Services Security (WSS) verification from the Web Services system properties.

Before you begin

Role required: web_service_admin or admin

Procedure

  1. Navigate to System Web Services > Properties.
  2. For Require WS-Security header verification for all incoming SOAP requests, select Yes.
    Require WS-Security header verification
  3. Click Save.
  4. Create a WS-security profile.
  5. Update the user record for the MID Server and ODBC driver to mark these users as internal integration users.
  6. Download and install the latest MID Server and ODBC driver.
  7. To validate SOAP request signatures, upload the remote web service's certificate as a JKS and create the web service's WSS Username Token Profile.
    Note: Because ServiceNow's WSS implementation does not verify the CA certificate, you do not need to upload the web service's CA certificate.