The Non-Interactive Sessions plugin creates a distinction between interactive and
non-interactive users.
- Interactive users
- New users added to the instance automatically become interactive users. Interactive users
can perform the following actions:
- Use their user name and password to log in to the UI or a service portal.
- Connect to an instance from a URL that calls a UI page, form, or list, for example,
https://<instance name>.service-now.com/incident.do.
- Connect with single sign-on, for example, digest authentication or SAML.
- Use their credentials to authorize SOAP connections if allowed by strict security.
- Use their credentials for other API connections such as WSDL, JSON, XML, or XSD without
restriction.
- Non-interactive users
- Non-interactive users can only use their credentials to authorize API connections such as
JSON, SOAP, and WSDL. They cannot log in to the ServiceNow UI. The strict security high
security setting determines if non-interactive users are subject to Contextual
Security requirements.
Distinguishing between interactive and non-interactive users increases instance security by
ensuring that users conform to the principle of least privilege.
Installed with Non-Interactive Sessions
Note: Non-Interactive Sessions is enabled for all new instances since the Calgary release. If you
do not see it in the list of plugins, request it using the Activate Plugin service catalog item
in Now Support.
- Adds a column Web Service Access Only [web_service_access_only] to the User [sys_user]
table.
- Changes all existing users to be interactive users (web_service_access_only=false).
- Updates the User form to display the Web Service Access Only [web_service_access_only]
field by default.
