Connect ServiceNow to ChatGPT: Manage ITSM Workflows and User Data

You want to connect ServiceNow to ChatGPT so your AI agents can triage IT incidents, update user records, and draft problem resolutions based on historical CMDB context. If your team uses Claude, check out our guide on connecting ServiceNow to Claude or explore our broader architectural overview on connecting ServiceNow to AI Agents.

Giving a Large Language Model (LLM) read and write access to a sprawling IT Service Management (ITSM) ecosystem is an engineering challenge. ServiceNow is not a simple REST API; it is a massive relational database exposed over HTTP. You either spend weeks building, hosting, and maintaining a custom Model Context Protocol (MCP) server, or you use a managed infrastructure layer that handles the boilerplate for you.

This guide breaks down exactly how to use Truto to generate a secure, managed MCP server for ServiceNow, connect it natively to ChatGPT, and execute complex support workflows using natural language.

The Engineering Reality of the ServiceNow API

A custom MCP server is a self-hosted integration layer that translates an LLM's tool calls into REST API requests. While the open MCP standard provides a predictable way for models to discover tools, the reality of implementing it against vendor APIs is painful. If you decide to build a custom MCP server for ServiceNow, you own the entire API lifecycle.

Here are the specific integration challenges that break standard CRUD assumptions when working with ServiceNow:

The 32-Character sys_id Bottleneck

ServiceNow relies on a 32-character hexadecimal globally unique identifier called a sys_id for absolutely everything. If an LLM decides to "assign this incident to Sarah in Network Ops", it cannot simply pass "Sarah" to the assigned_to field. It must first query the sys_users table to find Sarah's sys_id, then query the sys_user_group table to find the Network Ops sys_id, and finally inject those exact hex strings into the incident update payload. If your MCP server cannot dynamically expose these resolution endpoints to the LLM, the agent will hallucinate invalid string names and the API request will fail.

Strict Access Control Lists (ACLs) and Silent Failures

ServiceNow employs incredibly strict, row-level and column-level ACLs. If an API user queries an incident table but lacks permission to view the work_notes field, the API does not return a helpful error. It simply drops the work_notes column from the JSON response. If your LLM expects that field to exist based on a static JSON schema, it will break. Your MCP tool definitions must accurately reflect the permissions of the underlying integrated account. For a deeper look at these technical requirements, see our ServiceNow integration guide.

Factual Note on Rate Limits and 429 Errors

ServiceNow instances often sit behind strict API quotas. When a runaway AI agent attempts to ingest thousands of CMDB records at once, it will hit rate limits. Truto does not retry, throttle, or apply backoff on rate limit errors. When the upstream ServiceNow API returns an HTTP 429, Truto passes that error directly to the caller.

What Truto does do is normalize the upstream rate limit information into standardized headers (ratelimit-limit, ratelimit-remaining, ratelimit-reset) per the IETF specification. The caller - whether that is your application logic or the LLM framework - is entirely responsible for implementing retry and exponential backoff strategies.

The Managed MCP Approach

Instead of forcing your engineering team to build custom server infrastructure, Truto dynamically generates an MCP server from your integrated ServiceNow account.

Truto derives MCP tools directly from the integration's documented API resources. A tool only appears in the MCP server if it has a corresponding documentation entry - acting as a quality gate to ensure only well-documented endpoints are exposed to the LLM. Each MCP server is scoped to a single connected ServiceNow instance and authenticated via a secure, cryptographic token in the URL.

How to Generate a ServiceNow MCP Server

You can spin up a dedicated MCP server for any connected ServiceNow account using either the Truto UI or the API.

Method 1: Via the Truto UI

This is the fastest method for internal testing and one-off workflows.

1. Navigate to the integrated account page for your ServiceNow connection in the Truto dashboard.
2. Click the MCP Servers tab.
3. Click Create MCP Server.
4. Select your desired configuration. You can filter by methods (e.g., read-only), specific tags, and set an expiration date.
5. Copy the generated MCP server URL. It will look like https://api.truto.one/mcp/a1b2c3d4e5f6...

Method 2: Via the API

For production use cases and programmatic provisioning, use the REST API. The API validates the available tools, generates a secure token, stores it in distributed KV storage for immediate edge availability, and returns a ready-to-use URL.

Endpoint: POST /integrated-account/:id/mcp

{
  "name": "ServiceNow ITSM Agent",
  "config": {
    "methods": ["read", "write"],
    "tags": ["incident", "problem", "users"]
  },
  "expires_at": "2026-12-31T23:59:59Z"
}

The response returns the server details alongside the authentication URL:

{
  "id": "mcp_srv_9x8y7z",
  "name": "ServiceNow ITSM Agent",
  "config": { "methods": ["read", "write"] },
  "expires_at": "2026-12-31T23:59:59Z",
  "url": "https://api.truto.one/mcp/a1b2c3d4e5f67890"
}

How to Connect the MCP Server to ChatGPT

Once you have your Truto MCP URL, you must register it with your LLM client. All communication happens over HTTP POST utilizing JSON-RPC 2.0 messages.

Method A: Via the ChatGPT UI

If you are using the ChatGPT Desktop app or web interface on an eligible plan (Pro, Plus, Team, Enterprise):

1. Open ChatGPT and navigate to Settings.
2. Go to Apps -> Advanced settings.
3. Enable Developer mode (MCP support requires this flag to be active).
4. Under MCP servers or Custom connectors, click Add a new server.
5. Provide a name (e.g., "ServiceNow Dev Instance").
6. Paste your Truto MCP URL into the Server URL field.
7. Click Save. ChatGPT will perform an initialization handshake to fetch the available tool schemas.

Method B: Via Manual Config File

If you are running a local agent, Cursor, or a custom UI that relies on standard MCP configuration files, you configure the server using the Server-Sent Events (SSE) transport adapter.

Create or update your mcp.json file:

{
  "mcpServers": {
    "servicenow-truto": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-sse",
        "https://api.truto.one/mcp/a1b2c3d4e5f67890"
      ]
    }
  }
}

Note: The @modelcontextprotocol/server-sse package acts as a bridge, translating standard stdio MCP communication into the HTTP POST requests that Truto's proxy router expects.

Hero Tools for ServiceNow Automation

When ChatGPT connects, it receives a flat array of available tools derived from ServiceNow's API schemas. Because ServiceNow has hundreds of tables, Truto generates distinct tools for each supported resource.

Here are the highest-leverage operations for ITSM automation:

1. List Sys Users (list_all_service_now_sys_users)

Before an LLM can assign a ticket or mention a user, it must locate their sys_id. This tool lists sys_users records, returning critical fields like sys_id, email, and name. The LLM should be instructed to use query parameters to filter by email or exact name.

"I need to assign an incident to David Smith. Search the ServiceNow sys_users table for a user with the name David Smith and return his sys_id."

2. Get Knowledge Article (get_single_service_now_kb_knowledge_by_id)

Resolving complex incidents often requires internal documentation. This tool fetches a specific kb_knowledge record by its sys_id. The LLM can read the article body and summarize troubleshooting steps for the user.

"Retrieve the knowledge base article with sys_id '8a9b2c3d4e5f6a7b8c9d0e1f2a3b4c5d'. Summarize the VPN reset instructions detailed in the text."

3. Create an Incident (create_a_service_now_incident)

This is the core of ITSM ticketing. It creates a record in the incident table, returning the new sys_id, human-readable number (e.g., INC0010203), and state. The LLM must supply the short_description, caller_id (a sys_id), and impact/urgency scores.

"Create a new high-priority incident for user sys_id 'b2c3d4e5f6...'. The short description should be 'Core Database Cluster Unreachable', set the urgency to 1, and the impact to 1."

4. Update an Incident (update_a_service_now_incident_by_id)

Once work is performed, the LLM uses this tool to change states, add work notes, or reassign tickets. It requires the incident's sys_id (not the INC number).

"Update the incident with sys_id 'd4e5f6a7b...'. Add a work note saying 'Rebooted the secondary cluster, monitoring telemetry' and change the state to 'In Progress'."

5. List Problems (list_all_service_now_problem)

Problem management tracks root causes behind multiple incidents. This tool allows the LLM to search the problem table for known active issues to avoid creating duplicate triage efforts.

"List all active records in the problem table that contain the phrase 'Memory Leak' in the short description. I want to see if we already have a root cause investigation open."

6. Create a Change Request (create_a_service_now_change_request)

Modifying production infrastructure requires a change record. This tool creates an entry in the change_request table. The LLM must provide the justification, implementation plan, and backout plan in the body payload.

"Create a standard change request to upgrade the Redis cache instances. The justification is 'Security patch CVE-2026-1029'. Include a brief implementation and backout plan based on standard procedures."

For a complete list of endpoints, schemas, and supported tables, view the ServiceNow integration page.

Workflows in Action

Exposing these tools to ChatGPT enables multi-step, autonomous workflows that drastically reduce mean-time-to-resolution (MTTR). Here is how a standard persona interacts with the agent.

Workflow 1: L1 Incident Triage and KB Resolution

An IT support agent receives an alert about an obscure error code and asks the AI to investigate, find a solution, and log the interaction.

"A user named Alice Johnson is reporting error code ORA-01033 when accessing the finance portal. Check if there are any active problem records for this. If not, check the knowledge base for that error, summarize the fix, and create an incident for Alice logging this issue."

Execution Steps:

1. The agent calls list_all_service_now_problem searching for "ORA-01033". It finds nothing.
2. The agent calls list_all_service_now_kb_knowledge searching for the error. It finds an article and calls get_single_service_now_kb_knowledge_by_id to read the exact reboot procedure.
3. The agent calls list_all_service_now_sys_users searching for "Alice Johnson" to extract her sys_id.
4. The agent calls create_a_service_now_incident using Alice's sys_id as the caller, populating the description with the error and the suggested KB resolution.

Result: The LLM returns a conversational summary to the support agent, detailing the required fix and providing the newly generated INC number for tracking.

Workflow 2: Infrastructure Change Request Orchestration

A DevOps engineer needs to plan a maintenance window and asks the AI to orchestrate the paperwork.

"I need to upgrade the core firewall firmware this Saturday at 2 AM. Look up the sys_id for the 'Network Security' group. Then, create a comprehensive change request assigned to that group. Draft a professional implementation plan, backout plan, and test plan based on standard firmware upgrade best practices."

Execution Steps:

1. The agent calls list_all_service_now_sys_user_roles or the relevant department/group query tools to locate the exact sys_id for Network Security.
2. The LLM uses its internal reasoning to draft the technical text for the implementation, backout, and test plans.
3. The agent calls create_a_service_now_change_request, injecting the drafted plans into the correct payload fields and assigning it via the retrieved group sys_id.

Result: The engineer receives the CHG record number. A task that usually takes 20 minutes of form-filling in the ServiceNow UI is completed in 15 seconds.

Security and Access Control

Giving an LLM access to your production ServiceNow instance carries significant risk. Truto's MCP implementation provides strict access controls at the server generation level to limit blast radius:

• Method Filtering: You can restrict a server to specific operations via config.methods. Passing ["read"] ensures the server only exposes get and list operations, physically preventing the LLM from deleting records or altering incident states.
• Tag Filtering: You can restrict the server to specific functional areas using config.tags. For example, setting tags to ["incident_management"] exposes incident tools but hides sys_user and CMDB infrastructure tools from the AI agent.
• API Token Authentication: By default, possession of the MCP URL grants access. For enterprise deployments, setting require_api_token_auth: true forces the client to pass a valid Truto API token in the Authorization header, adding a secondary layer of authentication beyond the cryptographic URL.
• Ephemeral Servers: The expires_at field allows you to provision short-lived servers. Once the timestamp passes, the token is automatically purged from edge KV storage and database records, terminating the LLM's access instantly.

By leveraging a managed MCP server, you abstract away the complexities of ServiceNow's relational architecture, rate limits, and authentication. Instead of forcing your engineering team to maintain massive JSON schemas and complex retry logic, you provide a simple, secure URL to ChatGPT. This shifts the focus from writing boilerplate integration code to designing high-leverage, automated ITSM workflows that actually drive business value.