ServiceNow
ServiceNowsaas4 credentials
Local/User Password
servicenow / local-user-password
ServiceNow users authenticate through local passwords, SSO, LDAP, or external identity providers. Local admin/service users and integration users remain important credentials for UI, REST, SOAP, and MID Server operations.
Location
ServiceNow UI, REST API, SOAP API, and inbound integrationssys_user and related authentication records within the instance
enterprise password vaults and integration credential stores
integration scripts, MID Server configs, and CI/CD variables
system logs, transaction logs, and integration debug logs
OAuth / Personal Access Token
servicenow / personal-access-token-oauth
ServiceNow supports OAuth applications, bearer tokens, refresh tokens, and API key-style credentials for integrations.
Location
AuthorizationBearer token or Basic credentials used by REST/SOAP clients
OAuth application, token, and refresh token records in the instance
integration configs, appsettings, scripts, Postman collections, and .env files
SERVICENOW_TOKEN, SN_TOKEN, SNOW_TOKEN, SERVICENOW_CLIENT_SECRETCI/CD variables, credential stores, and vaults
REST debug logs, integration logs, and MID Server logs
API Key
servicenow / api-key
ServiceNow API key records can authenticate selected integrations or protect scripted APIs depending on plugin and configuration.
Location
x-sn-apikeyServiceNow API key header used by API key authentication
API key records and access policy configuration
client scripts, integration settings, and API collections
password vaults and CI/CD secret variables
HTTP traces and integration debug logs
MID Server / Credential Store Secret
servicenow / mid-server-and-credential-store
ServiceNow stores discovery/orchestration credentials and MID Server secrets for LDAP, SSH, Windows, SNMP, cloud, and application integrations.
Location
credential tables, discovery credentials, OAuth profiles, and MID Server configuration records
ServiceNow credential store, external credential resolvers, and enterprise vaults
MID Server config.xml, wrapper config, and integration property files
MID Server agent logs, ECC queue payload traces, and discovery logs
Scope
Authorized use
LOLCreds helps map the credential surface of real products: known defaults, generated values, credential locations, and exposure patterns.