ServiceNow

The Incode integration for ServiceNow enables IT helpdesk agents to trigger identity verification sessions directly from supported record forms without leaving ServiceNow. When an agent clicks Request Identity Verification on a record, the relevant person receives a secure verification link by email. As they complete the Incode session, the IDV Status field on the record updates automatically in real time via webhook.

The integration is available as a scoped application installable from the ServiceNow Store.

Prerequisites

A ServiceNow instance running Tokyo or later
An admin role on the target ServiceNow instance
Access to the Integrations page in the Incode Dashboard. Contact your Incode representative if you do not see the Integrations page.
The following credentials from your Incode Dashboard — see Find integration details for where to locate each one:

Credential	Where to find it in Dashboard
API Key	Configuration → API Keys
Configuration ID	Workflows
Integration ID	Integrations → open integration → Copy ID
Client ID	Integrations → Custom → OIDC Client Credentials
Client Secret	Integrations → Custom → OIDC Client Credentials

Outbound SMTP email configured on your ServiceNow instance

How it works

An agent opens a supported ServiceNow record (Incident, Service Request, etc.) and clicks Request Identity Verification. A confirmation dialog appears before the request is sent.
A verification session is created and a link is emailed to the relevant person on the record (the Caller, Requested For, or equivalent).
The person completes the Incode verification session on their device.
Incode sends webhook events back to the ServiceNow instance as the session progresses.
The IDV Status field on the record updates automatically with the result and timestamp.

Supported record types

Record type	Table	Person verified
Incident	`incident`	Caller
Service Request	`sc_request`	Requested For
Requested Item	`sc_req_item`	Requested For
Change Request	`change_request`	Requested By
HR Case	`sn_hr_core_case`	Opened For

📘
HR Case
HR Case support requires the HR Service Management Core plugin (com.sn_hr_core) to be installed on your ServiceNow instance before the IDV Status field can be added to the HR Case form layout.

IDV Status field values

The IDV Status field (x_1946359_incode_0_idv_status) on each supported record updates automatically as webhook events are received from Incode. Each status value includes a timestamp of the last update.

Status	Meaning
`In Progress - YYYY-MM-DD HH:MM:SS`	Person has opened the verification link
`Pending Review - YYYY-MM-DD HH:MM:SS`	Verification submitted, awaiting manual review in Dashboard
`Success - YYYY-MM-DD HH:MM:SS`	Identity confirmed — safe to proceed with resolution
`Failed - YYYY-MM-DD HH:MM:SS`	Verification failed — do not proceed
`Failure - YYYY-MM-DD HH:MM:SS`	Session completed with unsuccessful onboarding status

Set up guide

Step 1: Install the application

Option A — ServiceNow Store

Go to store.servicenow.com.
Search for Incode Identity Verification.
Click Get, then Install on your instance. The app installs automatically as a scoped application.

Option B — Update Set XML (for PoC or pilot)

In ServiceNow, navigate to System Update Sets → Retrieved Update Sets.
Click Import Update Set from XML.
Upload the provided incode_idv_update_set.xml file.
Click Preview Update Set, resolve any conflicts, then click Commit Update Set.

Step 2: Open the Getting Started checklist

After installation, navigate to Filter Navigator → Incode Identity Verification → Getting Started.

This guided checklist walks through the remaining setup steps in sequence. Follow it in order — the checklist covers Steps 3 through 6 below.

Step 3: Configure the application

Navigate to Incode Identity Verification → Configuration and fill in all sections:

API settings

Field	Value
Base URL	`https://demo-api.incodesmile.com` (sandbox) or your production URL
API Key	From Dashboard — Configuration → API Keys
Configuration ID	From Dashboard — Workflows
Integration ID	From Dashboard — Integrations → open integration → Copy ID

OAuth2 authentication

Field	Value
Auth Server URL	`https://auth.incode.com` (production) or `https://auth.demo.incode.com` (sandbox)
Token URL Path	`/oauth2/token`
Grant Type	`client_credentials`
Client ID	From Dashboard — Integrations → Custom → OIDC Client Credentials
Client Secret	From Dashboard — Integrations → Custom → OIDC Client Credentials
Scope	`openid`

Email settings

Field	Value
SMTP Host	Your SMTP server (e.g. `smtp.office365.com`)
SMTP Port	`587` (STARTTLS)
SMTP Username	Your sending email address
SMTP Password	Your SMTP password
Connection Security	`STARTTLS`
From Address	Must match SMTP username for Office 365
From Name	e.g. `IT Helpdesk`

📘
Note on SMTP
The SMTP fields configure the From address on outbound emails. Actual email delivery uses the ServiceNow platform mailer configured under System Properties → Email → Outbound (glide.smtp.*). If you need a dedicated SMTP relay, ask your ServiceNow administrator to configure it there.

After filling in all fields:

Click Save Configuration.
Click Test OAuth2 and confirm the connection shows as successful.
Click Send Test Email and confirm delivery.
Click Clear Cache.

Step 4: Register the webhook

Copy the webhook URL from the Configuration page: https://YOUR-INSTANCE.service-now.com/api/x_1946359_incode_0/incode_idv_webhook
In Dashboard, navigate to Configuration → Webhooks and add a new endpoint. See Configuration: Webhooks tab for more information.
Paste the webhook URL and enable the following events:

Event	IDV Status result
`SESSION_STARTED`	In Progress
`SESSION_SUCCEEDED`	Success
`SESSION_FAILED`	Failed
`SESSION_PENDING_REVIEW`	Pending Review
`SESSION_COMPLETED` / `ONBOARDING_FINISHED`	Success or Failure based on onboarding result

Copy the Signing Secret from the Incode webhook configuration and paste it into the Webhook Secret field on the ServiceNow Configuration page.
Save again.

Step 5: Assign roles

Assign roles to your team via User Administration → Users:

Role	Assign to
`x_1946359_incode_0.agent`	All helpdesk agents who will trigger verifications
`x_1946359_incode_0.admin`	IT administrators who manage app configuration

Step 6: Add IDV Status field to form layouts

The IDV Status field is included in the app but must be added to each record type's form layout manually.

For each record type you want to enable:

Open any record of that type (for example, an Incident).
Right-click the form header and select Configure → Form Layout.
Find IDV Status in the Available fields list on the left.
Drag it to your preferred position on the form.
Click Save.

Repeat for each record type: Incident, Service Request, Requested Item, Change Request, and HR Case (if the HR plugin is installed).

📘
Tip
Placing the IDV Status field near the top of the form or next to the caller/requestor field makes the verification result easy for agents to see at a glance.

Testing

Once setup is complete, test the full end-to-end flow:

Open an Incident record with a test user assigned as the Caller.
Click Request Identity Verification and confirm the confirmation dialog appears before sending.
Confirm the test user receives the verification link by email.
Complete the verification session on a mobile device.
Return to the Incident record and confirm the IDV Status field updates to Success with a timestamp.

📘
If the IDV Status field does not update
Confirm the webhook is registered correctly in Dashboard and that all six events are enabled. Verify the Signing Secret in ServiceNow matches the one in Dashboard. Check the ServiceNow System Log for any incoming webhook errors.

📘
If the verification email is not received
Click Send Test Email on the Configuration page to verify SMTP delivery is working. Check your spam folder and confirm the From Address is authorized to send from your SMTP server.