Introduction
The ServiceNow Incident API allows you to manage your IT service management processes from one place. Use the API to log or update incident tickets for KPN products and services you use.
API specification
Base URL
https://api-prd.kpn.com/network/kpn/incident
Conceptual model
Prerequisites
You need to be a KPN business market customer and have a KPN service contract for the products and services bought from KPN.
Definitions
CI
A configuration item (CI) is any service component, infrastructure element, or other item that needs to be managed in order to ensure the successful delivery of services.
Ticket
A ticket is a log file of a reported incident with a contracted KPN service or piece of KPN equipment. The ticket describes the situation, reports a contact person and is stored in the ServiceNow system.
Base64
Base64 is an encoding algorithm that allows you to transform any characters into an alphabet that consists of Latin letters, digits, plus and slash.
API workflow
Features and constraints
Features
- Create a new incident ticket in ServiceNow.
- Comment to an existing ticket.
- Reopen a previously resolved ticket.
- Close a resolved ticket.
- Attachments to incidents are supported.
Constraints
- CI type must be chosen from a predefined list of values.
- Attachments must be Base64 encoded.
- Maximum total size of attachments is 10Mb.
Getting started
Make sure you've read What's in it for you for more info on how to register and start testing APIs.
Authentication
The API follows the KPN Store API Authentication Standard to secure the API. It includes the use of OAuth 2.0 client_id and client_secret to receive an access token.
Go to the Authentication tab on top of this page to find out how to:
- Authenticate to an API using cURL.
- Authenticate to an API on Swaggerhub.
- Import Open API Specifications (OAS), also called Swagger files into Postman.
How to...
Create a new Incident-ticket
The following endpoint creates a new incident-ticket:
POST /NewIncident
Request
You can send JSON content in the request body:
^^Request example^^
{
"reference_number": "ABC1234",
"short_description": "Test short description.",
"description": "Test description.",
"ci": "ESB BIZTALK KPN",
"service": "string",
"attachments": [
{
"name": "test.txt",
"content": "IQ0KZW5hYmxlIHNlY3JldCBjaXNjbw0KIQ0KIQ0KIQ0KIQ0KIQ0KIQ0KIQ0Kbm8gaXAgc291cmNlLXJvdXRlDQohDQohDQohDQohDQohDQohDQohDQohDQoNCg0KIQ0KaXAgd1ZXVlIDEwMCBvdCiBwZXJtaXQgdWQogdHJhbnNwb3J0IGlucHV0IHRlbG5ldA0KIQ0KZW5k"
}
]
}
| Item | Description |
|---|---|
reference_number |
Unique reference number from the source system. |
short_description |
A short description of the incident. |
ci |
The CI or service for which the incident is reported. |
description |
Details on the incident. |
service |
Service applicable for ticket. |
attachment name |
Name of the file with file extension. |
attachment content |
Base64 coded content of the attachment. |
Response
The response provides you with the ticket number and the reference number of the incident.
^^Response example^^
{
"result": {
"state": "inserted",
"ticket_number": "INC1234",
"reference_number": "ABC1234",
"sys_id": "e61ba982db43db807f1f14794b961943",
"note": "INC1234 Incident is created successfully."
}
}
Update an incident
The following endpoint updates an incident-ticket:
PATCH /UpdateIncident
Request
Send JSON content in the request body:
^^Example request`^^
{
"action": "Comment",
"comment": "New comment update",
"ticket_number": "INC1234",
"reference_number": "ABC1234",
"attachments": [
{
"name": "test.txt",
"content": "IQ0KZW5hYmxlIHNlY3JldCBjaXNjbw0KIQ0KIQ0KIQ0KIQ0KIQ0KIQ0KIQ0Kbm8gaXAgc291cmNlLXJvdXRlDQohDQohDQohDQohDQohDQohDQohDQohDQoNCg0KIQ0KaXAgd1ZXVlIDEwMCBvdCiBwZXJtaXQgdWQogdHJhbnNwb3J0IGlucHV0IHRlbG5ldA0KIQ0KZW5k"
}
]
}
| Item | Description |
|---|---|
action |
Displays either Comment, Close or Reopen. |
comment |
Displays the comment. |
ticket_number |
Reference number that was received upon creating the incident ticket. |
reference_number |
Unique reference number from the source system. |
attachment name |
Name of the file with the file extension. |
attachment content |
Base64 coded content of the attachment. |
Response
The response provides you with the ticket number and the reference number of the updated incident.
Retrieve active incidents
This endpoint returns all active incidents that were issued by you.
GET /GetActiveIncidents
Request
You don't need to provide any parameters.
Response
^^Response example^^
{
"result": [
{
"reference_number": "INC1234",
"short_description": "short note",
"state": "Finished",
"ticket_number": "INC1234"
}
]
}
Retrieve single incident
This endpoint returns all data of a single incident:
GET //GetIncident/{ticket number}
Request
Send the ticket number as the path parameter.
Response
^^Response example^^
{
"result": {
"ticket_number": "INC1234",
"reference_number": "ABC1234",
"short_description": "short note",
"state": "Finished",
"company": "KPN B.V.",
"description": "textual description",
"contact": "B. Person",
"user": "A. Person",
"category": "Incident",
"priority": "Incident Ticket Priority 1,2,3",
"impact": "Incident Ticket Impact 1,2,3",
"urgency": "Incident Ticket urgency 1,2,3",
"ci": "XYZ_001P",
"customer_service": "Diensten",
"service_component": "Service",
"sla_due": {},
"pending_reason": "awaiting vendor",
"required_information": "Please provide documentation",
"reason_user_required": "test solution provided",
"close_code": "Finished",
"solution": "Software Installed"
}
}
The response returns all details of the incident, including priority, impact, urgency and pending reason.
Return codes
| Code | Description |
|---|---|
| 200 | Success. |
| 201 | Created. |
| 202 | Accepted. |
| 302 | Found. Link in location header. |
| 400 | Bad request. |
| 401 | Unauthorized. |
| 403 | Forbidden. |
| 404 | Not found. |
| 405 | Method not allowed. |
| 412 | Precondition failed. |
| 429 | Too many requests. |
| 500 | Internal server error. |
| 502 | Bad gateway. |
| 503 | Service unavailable. |
HTTP response headers
The following tables display the standard response headers that are returned with each API response:
| Standard response field name | Description |
|---|---|
| sunset | This field will be populated with the deprecation details. By default the value is n/a. |
| api-version | Indicates the API version you have used. |
| quota-interval | Used to specify an integer (for example, 1, 2, 5, 60, and so on) that will be paired with the quota-time-unit you specify (minute, hour, day, week, or month) to determine a time period during which the quota use is calculated. For example, an interval of 24 with a quota-time-unit of hour means that the quota will be calculated over the course of 24 hours. |
| quota-limit | Number of API calls an user can make within a given time period. If this limit is exceeded, the user will be throttled and API requests will fail. |
| quota-reset-UTC | All quota times are set to the Coordinated Universal Time (UTC) time zone. |
| quota-time-unit | Used to specify the unit of time applicable to the quota. For example, an interval of 24 with a quota-time-unit of hour means that the quota will be calculated over the course of 24 hours. |
| quota-used | Number of API calls made within the quota. |
| strict-transport-security | The HTTP Strict-Transport-Security (HSTS) response header lets a website tell browsers that it should only be accessed using HTTPS, instead of using HTTP. All present and future subdomains will be HTTPS for a maximum of 1 year and access is blocked to pages or sub domains that can only be served over HTTP including HSTS preload lists of web browsers. Strict-Transport-Security: max-age=31536000; includeSubDomains; preload. |
| Access control field name | Description |
| access-control-allow-credentials | Tells browsers whether to expose the response to frontend JavaScript when the request's credentials mode (Request.credentials) is include. When a request's credentials mode (Request.credentials) is include, browsers will only expose the response to frontend JavaScript if the Access-Control-Allow-Credentials value is true. Boolean. |
| access-control-allow-origin | Indicates whether the response can be shared with requesting code from the given origin. |
| access-control-allow-headers | Used in response to a pre-flight request which includes the Access-Control-Request-Headers to indicate which HTTP headers can be used during the actual request. |
| access-control-max-age | Indicates how long the results of a pre-flight request (that is the information contained in the Access-Control-Allow-Methods and Access-Control-Allow-Headers headers) can be cached. |
| access-control-allow-methods | Indicates which HTTP methods are allowed on a particular endpoint for cross-origin requests.For example: GET, PUT, POST, DELETE. |
| content-length | The Content-Length entity header indicates the size of the entity-body, in bytes, sent to the recipient. |
| content-type | The Content-Type entity header the client what the content type of the returned content actually is. |