Oracle Access Governance (AG) is a comprehensive Identity Governance and Administration (IGA) solution that helps organizations efficiently manage identities, permissions, and access risks across the enterprise. With deep integrations, flexible workflows, and robust automation, Access Governance empowers security and business owners to ensure the right access for the right people—securely and compliantly. We recommend choosing Oracle Access Governance’s self-service capabilities for its AI-driven insights and modern user experience. However, some organizations prefer to maintain their existing ITSM (ServiceNow) processes. For these organizations, Access Governance offers seamless, out-of-the-box integration with the ServiceNow Service Catalog, enabling users to request access to enterprise applications and systems directly within ServiceNow.

This integration combines ServiceNow’s workflow and service management capabilities with AG’s intelligent access governance and automation—giving you the best of both worlds.

Functional Overview

AG and ServiceNow Catalog integration is designed for low-code deployment—simply install the ‘Oracle Access Governance Service Catalog’ app from the ServiceNow Store, configure API connections/consents, and complete the basic setup. AG uses an API-driven, one-way approach to publish access bundles to the ServiceNow catalog, enabling your workforce to request access within the ServiceNow console. Approvals can be managed in ServiceNow or in AG, and AG ensures all requests are subject to access guardrails, automated provisioning, and a complete, exportable audit trail for enterprise compliance and reporting.

Key Benefits

  • Unified User Experience: ServiceNow becomes the single pane of glass for all access requests, approvals, and tracking
  • Consistent Fulfillment: All access grants and removals are orchestrated centrally, reducing inconsistencies and manual overhead
  • Automated Compliance Enforcement: Requests initiated in ServiceNow are routed through AG, to apply access guardrails violations checks before provisioning or remediation
  • Complete Auditability: Every request, approval, and provisioning event logged, supporting clear, auditable trails for compliance and audit needs
  • Out-of-the-Box Connectivity: Rapid deployment with minimal setup and configuration

This approach means faster onboarding, lower risks, less administrative burden, and an improved user experience across an organization.

Setting it up:

The integration supports two configuration modes based on where approvals occur:

  • Mode 1: For organizations that prioritize unified ServiceNow workflows and want both requestors and approvers to work within the ServiceNow console
  • Mode 2: For organizations that want approvers to leverage AI-driven insights and recommendations in the Access Governance console

Regardless of where the approvals happen, Access Governance maintains the segregation of duties controls, compliance enforcement, and audit controls.

Mode-1: Access Requests and approvals in ServiceNow console

For organizations which prioritize unified ServiceNow workflows and prefer requester and approvers to use ServiceNow console:

Figure: Oracle Access Governance and ServiceNow integration – end-to-end access request and fulfilment flow in Mode-1

Step 1: Configure Access Bundles in Access Governance:

As an application administrator, define Access bundles in Access Governance

  • For Access Bundles (permission) that need Access Guardrails (SOD violation) check, associate the access guardrail with Access Bundle, however, as approvals must happen in ServiceNow, AG offers three options:
    (1) Call AG Access Guardrails APIs to detect whether a beneficiary qualifies access guardrails before access request is raised for beneficiary
    (2) Enabling AG approval only when violation happens – by selecting approvals and checking ‘auto-approve requests without any access guardrails violation’ option for access bundle
    (3) Remediate violation raised for access request after access is assigned to user, by selecting approval workflow as ‘no approval required’

Step 2: Setting up the integration:

  • Install and configure ‘Oracle Access Governance Service Catalog’ application in ServiceNow.
    • Navigate to the ServiceNow App Store.Search for the Oracle Access Governance Service Catalog application.
  • Synchronize access bundles defined in Access Governance into ServiceNow, ensuring those are listed in ServiceNow access catalog
  • Define approval workflows in ServiceNow for the synchronized access bundles

Product documentation for reference: Oracle Access Governance: Self Service Using ServiceNow

Step 3: End-users browse and request access in the ServiceNow Console:

  • End-users navigate to ServiceNow UI and then ‘Oracle Access Governance Service Catalog’ application
  • From the Service Catalog portal select the access bundle they need for self or others and submit a request—adding any necessary justification
  • Track request status in ServiceNow. Real-time updates are synchronized from Access Governance

Step 4: Approvers approve access request in ServiceNow console:

  • Approvers use ServiceNow console to navigate to ‘Oracle Access Governance Service Catalog’ application
  • Approvers review and approve/reject requests directly in ServiceNow

Note: If an access request results in a violation, then an additional approval or denial must be handled in the Access Governance console, even if the initial workflow runs in ServiceNow.

Mode-2: Access request in ServiceNow, and Approvals happen in Access Governance

 For organizations that want approvers to leverage AI-driven insights and recommendations when making decisions:

Figure: Oracle Access Governance and ServiceNow integration – end-to-end access request and fulfilment flow in Mode-2

Step 1: Configure Access Bundles in Access Governance:

  • As an application administrator, define Access bundles in AG with required approval workflows and access guardrails rules

Step 2: Setting up the integration:

  • Same as in Mode-1

Step 3: End-users browse and request access in the ServiceNow Console:

  • Same as in Mode-1

Step 4: Approvers approve access request in Access Governance console:

  • After end-user raises an access request in ServiceNow, an access request is created in Access Governance. Approver gets the notification to review it
  • Approvers use the Access Governance console to review requests with AI-powered insights If any violations occur due to the defined Access Guardrails, Approver reviews it along with the request and make an informed decision

After the approval, the integration automatically handles:

  • Automated Provisioning: Access Governance provisions access to the managed systems (e.g., Oracle Cloud, Salesforce, Active Directory) with no manual intervention
  • Real-Time Synchronization: Both ServiceNow and Access Governance keep the requestor and approver informed at every step—no need to chase status updates or work with multiple tools
  • Comprehensive Audit Trail: Every request, decision, and provisioning action is recorded in both ServiceNow and AG, creating a thorough, auditable record

With this integration, Oracle customers can seamlessly combine the convenience of ServiceNow ITSM with powerful, enterprise-grade access governance—enabling an empowered workforce while strengthening business protection.

To learn more about how Access Governance can strengthen your identity governance and compliance programs, explore the resources below or reach out to your Oracle team for a tailored walkthrough