Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[RFE] Add support for client certificate authentication #415

Open
ansiblejunky opened this issue Dec 11, 2024 · 0 comments
Open

[RFE] Add support for client certificate authentication #415

ansiblejunky opened this issue Dec 11, 2024 · 0 comments
Assignees
Labels
needs_research Further research is needed to determine the feasibility and scope of the issue.

Comments

@ansiblejunky
Copy link

ansiblejunky commented Dec 11, 2024

SUMMARY

The Ansible Service Now Collection only supports Basic Auth and OAuth tokens, but many customers are using client certificate authentication. The only way we were able to handle this was to use the URI module and leverage the client_cert parameter. However, it meant the customer could not use the Ansible Collection and modules.

ISSUE TYPE
  • Feature Idea
COMPONENT NAME

Entire Ansible Collections and modules would support (provide) a client_cert parameter for authentication.

ADDITIONAL INFORMATION

It would be used to authenticate against Service Now API. It is needed because a lot of customers use client certificate authentication instead of Basic Auth or OAuth Token methods.

Below is an example of how we accomplished the authentication using the uri module but this should also be possible using standard modules so the customer can use desired state and idempotency concepts.

- name: Create change request
  ansible.builtin.uri:
    url: "{{ servicenow_url_create }}"
    method: POST
    headers:
      Content-Type: "application/json"
    body_format: json
    body:
      assigned_to: "MANAGER123"
      business_service: "Business Group"
      service_offering: "Backup"
      u_data_center: "San Diego"
      u_impacted_lobs: "Business Lab"
      start_date: "2024-12-15 15:28:00"
      end_date: "2024-12-15 15:29:02"
      close_code: "successful"
      close_notes: "System backup for '{{ inventory_hostname }}' via Ansible Automated Standard Change"
      risk_impact_analysis: "Low"
      justification: "Backup schedule overdue"
      u_lob_field_1: "Change is Security relevant"
    validate_certs: true
    client_cert: "{{ client_cert }}"
    return_content: true
  register: auth_response
@tupyy tupyy self-assigned this Dec 12, 2024
@tupyy tupyy added the needs_research Further research is needed to determine the feasibility and scope of the issue. label Dec 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
needs_research Further research is needed to determine the feasibility and scope of the issue.
Projects
None yet
Development

No branches or pull requests

2 participants