If you run ServiceNow, you already have the organizational answer to "who is allowed to change production, and who signs off?" What you do not have is a way to make AI agents subject to that answer. Agents deploy code, mutate tickets, touch customer data, and call payment APIs — and none of it enters change management.
The ActPass ServiceNow bridge closes that gap. Every ActPass require_approval decision can flow through a change_request in your instance: risk-mapped from the ActPass risk tier (critical→1 … none→4), categorized as AI Agent Action, and correlated by u_actpass_approval_id. Your reviewers approve or reject in ServiceNow; the decision flows back to ActPass and the agent's tool call proceeds or is blocked.
Install is one Update Set, not an app
Your instance runs only an imported Update Set — a column on change_request, a handful of x_actpass.* properties, one business rule, and an off-by-default scheduled job. Paste one gateway-scope key, register the install with a single curl, and decisions start flowing:
curl -X POST https://www.api.actpass.org/api/v1/integrations/installs \
-H "Authorization: Bearer <admin API key>" \
-H "content-type: application/json" \
-d '{ "channel": "servicenow", "external_id": "<instance>", "config": {} }'Three modes for three security postures
- Inbound-only (default): you open and tag change_requests yourself; decisions flow back automatically. ActPass holds no ServiceNow credential.
- Push: ActPass opens a risk-mapped change_request the instant an approval is created, using a service account you scope to insert-only. The credential is AES-256-GCM envelope-encrypted and never returned by any API.
- Pull (zero-credential): a scheduled job inside your instance polls pending approvals with the key you already pasted and opens de-duplicated change_requests. No ServiceNow credential ever leaves your instance.
Fail-closed by construction
A failed change_request create never blocks the approval — it stays decidable in the ActPass dashboard. Nothing in the bridge can auto-approve an action.
What your auditors get
Every agent action that crossed the boundary is now evidenced twice: in the ActPass ledger (scope, TTL, policy, reviewer identity) and in your ServiceNow change history — the system your auditors already query. Agent-driven change stops being a governance exception and becomes a row in the process you already certify.
Get the package
Distribution is a checksummed zip containing the Update Set XML and the install guide — verify the .sha256 before importing into production. Full setup, push/pull configuration, and troubleshooting live in the ServiceNow integration docs.