Thank you for your feedback.
Form temporarily unavailable. Please try again or contact docfeedback@servicenow.com to submit your comments.
Versions
  • London
  • Kingston
  • Jakarta
  • Istanbul
  • Helsinki
  • Geneva
  • Store
Close

Installed with Password Reset

Installed with Password Reset

Tables, roles, business rules, scripts, and workflows are installed with the Password Reset application.

Table 1. Password Reset tables
Table name Description
Password Reset Active Answer

[pwd_active_answer]

Security questions and associated answers, in an encrypted state, that users have selected while going through the enrollment process.
Password Reset Active Question

[pwd_active_question]

Security questions that users have selected while going through the enrollment process.
Password Reset Activity Log

[pwd_reset_activity]

All Password Reset requests.
Password Reset Activity Monitor

[pwd_activity_monitor]

Password Reset lockout activity.
Password Reset Credential Store

[pwd_cred_store]

Password Reset credential stores that are available.
Password Reset Credential Store Parameters

[pwd_cred_store_param]

User-created credential store parameters.
Password Reset Credential Store Types

[pwd_cred_store_type]

Password Reset credential store types that are available.
Password Reset Desktop Access Control

[pwd_access_control]

Password Reset Windows Application access control.
Password Reset Desktop Access Log

[pwd_access_log]

Password Reset Windows Application access logs.
Password Reset Device Enrollment Code

[pwd_dvc_enrollment_code]

Device enrollment codes that have been sent to users during SMS code enrollment.
Password Reset Devices

[pwd_device]

User SMS devices that are in a state of verified.
Password Reset Enrollment for Verification

[pwd_enrollment]

Information about user enrollment by verification.
Password Reset Enrollment Snapshot

[pwd_enrollment_snapshot]

Snapshot of user enrollment by verification. This table is regenerated daily by a scheduled job named Password Reset Enrollment Snapshot.
Password Reset Extension Type

[pwd_extension_type]

Extension types that are available.
Password Reset Identification Type

[pwd_identification_type]

Password Reset identification types that are available.
Password Reset Process

[pwd_process]

Password Reset processes that are available.
Password Reset Process Credential Store

[pwd_map_proc_to_cred_store]

Credential stores and the associated Password Reset processes that the application is using.
Password Reset Process User Group

[pwd_map_proc_to_group]

Groups and the associated Password Reset processes that the application is using.
Password Reset Process Verification

[pwd_map_proc_to_verification]

Verifications and the associated Password Reset processes that the application is using.
Password Reset Question

[pwd_question]

Questions that the application uses for security question verifications.
Password Reset Request

[pwd_reset_request]

Information about Password Reset requests.
Password Reset SMS Verification Code

[pwd_sms_code]

SMS verification codes that have been sent to users for a password reset.
Password Reset User Lockout

[pwd_user_lockout]

Users that are locked out of Password Reset.
Password Reset Verification

[pwd_verification]

Verifications that are available.
Password Reset Verification Param

[pwd_verification_param]

User-created verification parameters.
Password Reset Verification Type

[pwd_verification_type]

Password Reset verification types that are available.

Password Reset roles

Role Description
password reset administrator 

[password_reset_admin]

Configures and maintains Password Reset and Password Change.
service desk agent 

[password_reset_service_desk]

Resets passwords on behalf of users, tracks password reset requests, and views logs.
credentials manager 

[password_reset_credential_manager]

Determines which credential stores are valid for use with Password Reset.

Password Reset business rules

Business rule Table Description
Add default parameters QA verification Password Reset Verification

[pwd_verification]

If no parameters for Security Question verifications are specified, generates parameters.
Add default parameters SMS verification Password Reset Verification

[pwd_verification]

If there are no parameters specified, generates SMS code verifications parameters.
Add params personal confirm verification Password Reset Verification

[pwd_verification]

If there are no parameters specified, generates personal data confirmation verifications parameters.
Add params personal verification Password Reset Verification

[pwd_verification]

If there are no parameters specified, generates parameters for personal data verification.
Check unique verifications Password Reset Process Verification

[pwd_map_proc_to_verification]

Prevents a verification from being assigned multiple times to a specific Password Reset process.
Clear parameters for Mock verification Password Reset Verification

[pwd_verification]

Clears parameters for the Mock verification.
Deactivate process with no group Password Reset Process User Group

[pwd_map_proc_to_group]

Deactivates the process if it does not apply to all users or if the groups associated with it are removed.
Deactivate process with no min ver Password Reset Process Verification

[pwd_map_proc_to_verification]

Deactivates the process if the verifications associated with the process are less than the minimum value for the process.
Deactivate process with no verification Password Reset Process Verification

[pwd_map_proc_to_verification]

Deactivates the process if the verifications associated with it are removed.
Google Auth Enabled Check Password Reset Process

[pwd_process]

Deactivates the process with Google Authenticator verification if the Google authenticator is disabled.
Handle req_enroll validation/default val Password Reset Process Verification

[pwd_map_proc_to_verification]

Handles requires_enrollment and auto_enroll values for the process.
Order must be unique Password Reset Desktop Access Control

[pwd_access_control]

Enforces order to be unique.
Parameter Names Cannot Be Updated Password Reset Verification Param

[pwd_verification_param]

Prevents parameter name changes.
Password Reset Activity Monitor Password Reset User Lockout

[pwd_user_lockout]

Creates an event when the number of users locked out of Password Reset during a specific interval exceeds the threshold value.
Password Reset Validate Auto-generate Password Reset Process

[pwd_process]

Checks that either Email password or Display password is selected when the Auto-generate password check box is selected.
Personal Data Confirm Param Validation Password Reset Verification Param

[pwd_verification_param]

Checks that a column exists in the sys_user table for the parameter used in a personal data confirmation verification.
Personal Data Param Validation Password Reset Verification Param

[pwd_verification_param]

Checks that a column exists in the sys_user table for the parameter used in a personal data verification.
Prevent against deletion Password Reset Credential Store

[pwd_cred_store]

Checks whether the credential store is part of an active process before allowing deletion.
Prevent against deletion Password Reset Identification Type

[pwd_identification_type]

If an identification type is part of an active process, prevents the identification type from being deleted.
Prevent against deletion Password Reset Verification

[pwd_verification]

If the verification is part of an active process, prevents it from being deleted.
Prevent against deletion when in use Password Reset Credential Store Types

[pwd_cred_store_type]

Prevents deletion when the type is in use.
Prevent against deletion when in use Password Reset Verification Type

[pwd_verification_type]

Prevents deletion when the type is in use.
Security Questions Param Validation Password Reset Verification Param

[pwd_verification_param]

Checks for valid parameters in security question verifications.
Send SMS code Password Reset Device Enrollment Code

[pwd_dvc_enrollment_code]

Sends an enrollment code to a device.
Set new record flag Password Reset Process

[pwd_process]

Sets a new record flag for the client to take appropriate action.
Send SMS Verification Code Via Notify

Password Reset SMS Verification Code

[pwd_sms_code]

Sends out SMS authentication code via Notify if the Notify plugin is active.
Single credential store per process Password Reset Process Credential Store

[pwd_map_proc_to_cred_store]

Prevents having more than one credential store per process.
SMS Code Param Validation Password Reset Verification Param

[pwd_verification_param]

Checks for valid parameters in SMS code verifications.
Update action based on access conditions Password Reset Desktop Access Log

[pwd_access_log]

Updates the “action” field of this log record based on the access control conditions.
Update proc_to_cred_store Password Reset Process

[pwd_process]

Enforces a one-to-one relation between a Password Reset process and a credential store.
Validate Process Password Reset Process

[pwd_process]

Verifies that a Password Reset process is configured correctly.
Validate Pwd Cred Store Name Password Reset Credential Store

[pwd_cred_store]

Enforces the name to be unique.
Validate Pwd Cred Store Type Name Password Reset Credential Store Types

[pwd_cred_store_type]

Enforces the name to be unique.
Validate Pwd Extension Type Name Password Reset Extension Type

[pwd_extension_type]

Enforces the name to be unique.
Validate Pwd Identification Type Name Password Reset Identification Type

[pwd_identification_type]

Enforces the name to be unique and not empty.
Validate Pwd Process Name Password Reset Process

[pwd_process]

Enforces the name to be unique.
Validate Pwd Verification Name Password Reset Verification

[pwd_verification]

Enforces the name to be unique.
Validate Pwd Verification Type Name Password Reset Verification Type

[pwd_verification_type]

Enforces the name to be unique.
Validate Security Question Password Reset Question

[pwd_question]

Validates rules for security questions such as no duplicates or empty questions.
Verify Account Lookup Script Password Reset Credential Store

[pwd_cred_store]

Checks whether the account lookup script has the correctly named function.
VerifyAutoEnroll Password Reset Verification Type

[pwd_verification_type]

Checks whether auto-enroll is selected and ensures that an enrollment check script is provided.

Password Reset UI pages

Name Description
$pwd_reset First page of self-service reset process (asks for user ID).
$pwd_reset_serviceDesk First page of service desk assisted reset process (asks for user ID).
$pwd_verify Second page of reset process (asks user to verify identity).
$pwd_new Last page of password change process (asks for new password).
$pwd_success Page that appears when password is reset successfully.
$pwd_error Page that appears on error during reset process.
$pwd_confirm For processes configured to email password reset URL: After successful verification, this page displays message about sending link to user.
$pwd_change Page for changing password.
$pwd_change_success Page that appears when password is changed successfully.
$pwd_change_error Page that appears on error during password change process.
$pwd_enrollment_form_container Enrollment page for all verifications.
$pwd_enrollment_success Page that appears when enrollment is successful.
$pwd_enroll_error Page that appears when any error happens during enrollment.
$pwd_unlock_success Page that appears when locked user is successfully unlocked.
$pwd_reset_downloads_ui Page for downloading Password Reset Windows Application.

Password Reset UI macros

Name Description
$pwd_csrf_validation CSRF validation for Password Reset Application. If violation is detected, the page will be redirected to the error page.
$pwd_display_password Displays a temporary password on the success page if the process is configured to auto-generate.
$pwd_enroll_questions_ui UI for question and answer security validation enrollment.
$pwd_enroll_questions_ui_js JavaScript code that requires server-side data for security question and answer enrollment.
$pwd_enroll_sample_ui Sample UI macro for enrollment for Mock Verification Type.
$pwd_enroll_sms_ui and $pwd_verify_sms_ui UI for SMS enrollment and verification.
$pwd_enrollment_form_title Jelly macro function that prints the title for the enrollment form. A verification ID is mandatory.
$pwd_error_message UI for displaying error messages.
$pwd_process_flow UI for indicating current stage.
$pwd_process_footer JavaScript code to get the footer macro name.
$pwd_verify_personal_data_ui and $pwd_verify_personal_data_confirmation_ui UI for verifying personal data and for confirming personal data.
$pwd_verify_questions_ui UI for verifying questions.
$pwd_verify_simple_ui Input section for a simple verification method. This field is a single input field.

UI scripts installed with Password Reset

You can create a UI script and reference the script from a UI macro or UI page by using a <g:include_script> Jelly tag. The following example shows how the $pwd_enroll_questions_ui UI macro can reference the $pwd_enroll_questions_ui script. In the example, [UI Script Name]+".jsdbx" is the name of the script:
<g:include_script src="$pwd_enroll_questions_ui.jsdbx" />
By referencing an external script, you can maintain separation between client JavaScript code and Jelly code, which simplifies maintenance. You can use the following installed scripts with Password Reset UI macros:
Name Description
$pwd_csrf_common_ui_script Common UI script for handling a Cross-site Request Forgery (CSRF).
$pwd_enroll_questions_ui JavaScript code for the $pwd_enroll_questions_ui UI macro.
$pwd_enroll_sample_ui Included sample client JavaScript for the $pwd_enroll_sample_ui UI macro.
$pwd_enroll_sms_ui SMS enrollment UI script.
$pwd_enrollment_submit_event UI script for an enrollment submission event.
$pwdWfManager Helper class to handle workflow activities and post-processing.

Password Reset workflows

The Password Reset plugin adds workflows that you can use as examples to create custom workflows for Password Reset processes.
Table 2. Workflows that connect to a credential stores
Workflow Description
Pwd Reset - AD Connects to an AD server.
Pwd Reset - Local ServiceNow Current (local) instance.
Pwd Reset - Master Password Reset master workflow.
Pwd Reset - Mock Fatal Example workflow to use in Password Reset testing to simulate a fatal error. No retries.
Pwd Reset - Mock Non Fatal Example workflow to use in Password Reset testing to simulate a non-fatal error.
Pwd Reset - Mock Success Example workflow to use in Password Reset testing to simulate a successful completion.
Pwd Reset - Remote ServiceNow Connects to a remote(SOAP) ServiceNow instance.
Table 3. Workflows that test the connection to a credential store
Workflow Description
Pwd Connection Test - AD Tests connection to an AD server.
Pwd Connection Test - Local SN Tests connection to local instance.
Pwd Connection Test - Master Master workflow to test credential store connectivity.
Pwd Connection Test - Mock Failure Example credential store connection test that simulates a failed connection.
Pwd Connection Test - Mock Success Example credential store connection test that simulates a successful connection.
Pwd Connection Test - Remote SN Tests connection to a remote(SOAP) ServiceNow instance.
Table 4. Workflows that determine the lock state of a user account
Workflow Description
Pwd Get Lock State - AD Gets a user account lock state for the AD server.
Pwd Get Lock State - Local SN Workflow to get a user account lock state for the local instance.
Pwd Get Lock State - Master Master workflow to get a user account lock state.
Pwd Get Lock State - Remote SN Gets a user account lock state for the remote(SOAP) ServiceNow instance.
Table 5. Workflows that unlock a user account
Workflow Description
Pwd Unlock Account – AD Unlocks a user account for a local instance.
Pwd Unlock Account - Local SN Workflow to unlock a user account for a local instance.
Pwd Unlock Account - Master Master workflow to unlock a user account.
Pwd Unlock Account – Remote SN Unlocks a user account for a remote(SOAP) ServiceNow instance.
Table 6. Workflows that change a password
Workflow Description
Pwd Change - Master Password change master workflow.
Pwd Change – Local ServiceNow Connects to a local instance to change a password.
Pwd Change – AD Connects to an AD server to change a password.
Pwd Change – Remote ServiceNow Connects to a remote(SOAP) ServiceNow instance to change a password.

Password Reset notifications

Name Fired by event name Description
Password Reset – Send SMS Code pwd.send_sms_code.trigger Sends out SMS authentication code for verification.
Password Reset - New Password Confirmation pwd.email.trigger For the Email Password process, sends an email that includes the new password.
Password Reset URL password.reset.url For the Email Password Reset URL process: Sends email that includes a link to the password reset URL.

SOAP messages for Password Reset

SOAP Message Description
Change Password When the Orchestration Add-on plugin is active, the system can use the SOAP protocol to change passwords on remote credential stores such as a remote ServiceNow instance.
Password Reset Request When the Orchestration Add-on plugin is active, the system can use the SOAP protocol to reset passwords on remote credential stores such as a remote ServiceNow instance.

REST API

Name: Pwd Reset

API ID: pwd_reset

Base API path: /api/now/pwd_reset

Table 7. Resources (Version v1)
Name Resource path API Version Description
pwd_init /api/now/v1/pwd_reset/init v1 Initial request to establish session, write logs, and fetch UI messages.
pwd_identify /api/now/v1/pwd_reset/identify v1 Get identification page components.
pwd_verify /api/now/v1/pwd_reset/verify v1 Get verification page components.
pwd_new /api/now/v1/pwd_reset/reset v1 Get resetting password page components.
pwd_success /api/now/v1/pwd_reset/success v1 Get success page components.
pwd_failure /api/now/v1/pwd_reset/failure v1 Get failure page components.