When I first shared this integration last year, it was built and tested on the Xanadu release. I’m happy to confirm that the same approach still works perfectly on Yokohama, with only a few minor adjustments needed for UI consistency.
In this post, I’ll walk through how to integrate Secured Signing with ServiceNow to streamline digital document signing directly within your workflows — without relying on extra subscriptions or external tools.
This setup is especially useful for HR, contractor, and onboarding processes, where signed forms are required as part of approvals or case resolutions.
Why Secured Signing?
Secured Signing provides a secure and compliant way to capture legally binding signatures. It’s an excellent fit for organisations that need a simple, API-based e-signature solution without the heavy cost or complexity of larger providers.
What You’ll Need
- A ServiceNow instance (tested on Xanadu and Yokohama)
- An active Secured Signing account with API access
- Basic knowledge of Flow Designer, Scripted REST APIs, and UI Actions
- Administrator access to create or modify IntegrationHub actions or custom scripts
High-Level Flow
- A user submits a form or triggers a workflow (e.g. a contractor engagement request).
- ServiceNow sends document data and recipient details to Secured Signing via a REST message.
- Secured Signing returns a signing link or status, which ServiceNow stores and tracks in the case record.
- Once the document is signed, the signed copy and metadata are automatically returned and attached to the record in ServiceNow.
Key Components
- REST Message: Create a message to the Secured Signing API endpoint.
- Scripted Action: Handle token generation, request payload, and response parsing.
- Flow Designer Integration: Trigger the action after approval or form submission.
- Attachment Handling: Automatically store the signed document in the relevant case or request.
Step 1: Review Secured Signing API Documentation
- Familiarisation:
Before starting the integration, familiarise yourself with the Secured Signing API documentation, which follows a standard REST API structure. You can find their API guide here:
Secured Signing API with OAuth2 Documentation - Sending and Receiving Documents via Secured Signing API
If your use case involves sending a PDF from ServiceNow to external users (such as clients), and you need the signed PDF returned, you may read this document first:
https://www.securedsigning.com/support/smart-tag-api/#basic
1st Obtain Access Token
The first step is to generate an access token, which will be explained in detail in Stage 2 of this guide.
2nd Upload the File to Secured Signing
Use the Document/Uploader API to upload your file to Secured Signing. Once uploaded, the file will be temporarily saved in an invisible inbox. Upon successful upload, the API will return a Document Reference number. You will use this reference in the next steps.
3rd Send the Document for Signing
Pass the Document Reference to the SmartTag/Send API. This step initiates the document-signing process and sends the PDF to the recipient. The recipient’s email address will be detected automatically from the smart tags used in the document. A sample document illustrating this will be provided for reference.
4th Receive the Signed Document
for getting document back, the signed document will be emailed back to the account owner and signers by default, and you can also get them via API, just call /Download/GetDocumentData/{DocumentReference} with Get method.
Step 2: Sign-up for Secured Signing account
Step 3: Create the connection in ServiceNow
3.1 Connect to an OAuth Provider
- You should be able to set-up now the connection in ServiceNow by creating the OAuth Profile in ServiceNow to test your connection with Secured Signing.
Terms to know- In ServiceNow, the Application Registry is used to set up and manage connections to external services that use OAuth for secure authentication and authorization.
- An OAuth provider is a service that grants access to its resources through tokens, like Google, Microsoft, DocuSign, or in this case, Secured Signing. Setting up an OAuth provider in ServiceNow allows the platform to securely interact with these external services, enabling users to access or share data without needing to store usernames and passwords directly in ServiceNow.
- Before you start, ensure your Application scope in ServiceNow is set to Global.
- Navigate to the System oAuth ->Application Registry. Click create a new oAuth Profile.
- Select > Connect to an OAuth Provider (simplified)
- Enter the following information:
| Ref | Field name | Value | Comments |
| 01 | Name | SecuredSign OAuth | This can be any name of your choice but would recommend to use the external service/app’s name |
| 02 | Client ID | Client ID is the “API Key” from the API settings in Secured Signing | |
| 03 | Client Secret | Client Secret is the “Secret” from the API settings in Secured Signing | |
| 04 | Default Grant type | Authorization Code | |
| 05 | Authorization URL | https://www.dsx.co.nz/api/oauth2/authorize | This is dependent to the sandbox given to you (see Step 1 of Stage 1): |
| 06 | Token URL | https://www.dsx.co.nz/api/oauth2/token | |
| 07 | Redirect URL | https://{instance_name}.service-now.com/oauth_redirect.do |
6. Click Submit (or Save if you want to be redirected to the same page).
7. Edit the form and add more information:
| Ref | Field name | Value | Comments |
| 08 | OAuth API Script | OAuthUtil | |
| 09 | Accessible from | All application Scopes | |
| 10 | Use mutual authentication | Don’t tick | |
| 11 | Send Credentials | In Request Body (Form URL-Encoded) |
8. Below the screen, there is a tab for OAuth Entity Profile. Click Insert a new row to enter the following information:
| Ref | Field name | Value |
| 01 | Name | SecuredSign OAuth default profile |
| 02 | Is default | True |
| 03 | Grant type | Authorization Code |
9. Click Update to update the Application Registries record.
10. Now go back to the tab OAuth Entity Profile below the form. Click on the newly created record: SecuredSign OAuth default profile.
11. On this page, double click on Insert a new row under OAuth Entity Profile Scopes to add a scope. Click the magnifying glass pictured below to open a list of existing scopes:
Scopes are tied to OAuth providers. Since the provider you’re setting up is new, you will also need to create new scopes for it. Configure a new scope as follows:
12. Click Submit. Your Oauth Entity Profile record should now look something like this:
3.2 Create Credentials
- In ServiceNow, navigate to Integration Hub > Credentials.
- Click Create New, select OAuth 2.0 and enter the following information:RefField nameValue01NameSecuredSigning OAuth Credential02OAuth Entity Profile{Select SecuredSigning OAuth default profile}03Applies toAll MID Servers04Order100
- Save your record.
- Click the link Get OAuth Token. If all the steps above is successful, you should be able to get a valid OAuth refresh token, like below screenshot (highlighted in blue table):
- If you encounter an error such as Invalid token or token has expired. Stay on this window. Open another window and login to SecuredSigning using the administrator account. Go to My Account > My Settings > API Settings > Connected Apps. Then find the ServiceNow Instance connected in SecuredSigning. Click Disconnect This App.
- Go back to ServiceNow and click the Get OAuth token link again.
- This should resolve the issue.
Step 4: Test your connection in Postman
What is Postman
Postman is a tool for testing and working with APIs, helping developers send requests and get responses from servers. You can use it to check if APIs work correctly, automate tests, and share your work with others. To use Postman, download it from their website, create an account, and start making requests by entering an API endpoint and clicking “Send.” You can save and organise requests, collaborate with others, and even write simple automated tests. It’s great for developers and teams to ensure APIs run smoothly.
You can also use Postman in the browser by visiting Postman Web , which doesn’t require installing the app. However, the desktop version may offer more robust features
Create the sample collection and file
- Save this as a JSON file:
{
"info": {
"_postman_id": "43ec7849-6d03-46fa-bbd4-bf1a6e60a8cc",
"name": "BasicSmartTag",
"schema": "https://schema.getpostman.com/json/collection/v2.0.0/collection.json",
"_exporter_id": "10322427",
"_collection_link": "https://securedsigning.postman.co/workspace/Secured-Signing-Workspace~e590d123-e56d-482d-8032-9b16baa8a89d/collection/10322427-43ec7849-6d03-46fa-bbd4-bf1a6e60a8cc?action=share&source=collection_link&creator=10322427"
},
"item": [
{
"name": "UploaderRequest",
"event": [
{
"listen": "test",
"script": {
"exec": [
"var jsonData = JSON.parse(responseBody);\r",
"pm.collectionVariables.set(\"UploadedDocRef\", jsonData.Reference);"
],
"type": "text/javascript",
"packages": {}
}
}
],
"request": {
"method": "POST",
"header": [],
"body": {
"mode": "formdata",
"formdata": [
{
"key": "file",
"type": "file",
"src": "/G:/smart tag samples/sample.rtf"
}
]
},
"url": "https://api.dsx.co.nz/web/v1.4/Document/Uploader",
"description": "Uploads a file by multipart form"
},
"response": []
},
{
"name": "BasicSmartTagSend",
"request": {
"method": "POST",
"header": [],
"body": {
"mode": "raw",
"raw": "{\r\n \"DocumentReferences\": [\r\n \"{{UploadedDocRef}}\"\r\n ]\r\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": "https://api.dsx.co.nz/web/v1.4/SmartTag/Send"
},
"response": []
}
],
"auth": {
"type": "bearer",
"bearer": {
"token": ""
}
},
"event": [
{
"listen": "prerequest",
"script": {
"type": "text/javascript",
"packages": {},
"exec": [
""
]
}
},
{
"listen": "test",
"script": {
"type": "text/javascript",
"packages": {},
"exec": [
""
]
}
}
],
"variable": [
{
"key": "UploadedDocRef",
"value": ""
}
]
}- Create a PDF file and put this anywhere on the document. Replace it with your name and your valid email address.
sample
[!Sign.1,Arlene,H,arlene.h@example.com]Run the collection
- Before we test the connection in Postman, we need to understand how SecuredSigning works. I have explained this in Step 1 above. To reiterate:
1st is you need to get the access token, which we have just completed in the previous stage.
2nd is you use “Document/Uploader” API to upload the file to Secured Signing. It will then be temporarily saved in an invisible Inbox. If successful, it will then return a document “Reference” number. Which you will then use in the next step.
3rd is you pass the document “Reference” to smart tag “SmartTag/Send” API. When you pass it, Secured Signing then sends it to the recipient. It detects the recipient’s email address from the smart tag you write in the document. Syntax is:[!Sign.#,RecipientFirstName,RecipientLastName,RecipientEmail]
Note:
The “#” symbol indicates the order of signatures. If there are multiple signers, assign numbers based on the desired signing sequence, starting with the first recipient.
4th If you need to return the completed signed forms to ServiceNow via email (to trigger an Inbound Action), include the following tag in your document. The required syntax is:[!Recipient.C,RecipientFirstName, RecipientLastName,RecipientEmail]
And as an example:[!Recipient.N,ServiceNow,DEV,instancename@service-now.com] - Save the attached pre-configured Postman collection: BasicSmartTag.
- Go to Postman or open an account.
- Click Import and select the file you have just saved (ie. BasicSmartTag.postman_collectionjson).
- After importing the collection into Postman, follow these steps:
a. Get your access token from your ServiceNow instance > Manage tokens. Find the latest record for SecuredSigning OAuth.
b. Open the record. Click the lock icon of the field Token received as shown below. Copy this as you will need this in the next step.
c. Go back to Postman and go to the BasicSmartTag collection’s Authorization tab and input your access token. Don’t forget to click the Save button.
d. The Document/Uploader API is named as UploadRequest in this Collection. e. In the UploaderRequest API’s body, select a file from your computer (use the downlaoded sample.pdf file provided above).
f. Click Send—you should see the message below.
g. If the connection was successful, you should receive a reference in the response:
h. The SmartTag/Send API is named as BasicSmartTagSend in this Collection. i. Then, run the BasicSmartTagSend request by clicking on the Send button below:
j. If it is successful, you should see the below screen:
Step 5: Implementing Postman Logic for Secured Signing API in ServiceNow
Secured Signing requires file uploads to their API in multipart/form-data format, which is essential for sending documents or binary data for processing. However, integrating this capability into ServiceNow is not straightforward, as ServiceNow lacks native syntax for sending attachments in this format without IntegrationHub. Despite this limitation, it can still be achieved using ServiceNow’s internal REST API.
In summary, there are two main approaches to this integration:
- Using Flow Designer (via IntegrationHub)
Multipart/form-data requests can be efficiently handled through the REST action step in Flow Designer, available with the IntegrationHub plugin. This approach simplifies configuration, allowing you to easily send multipart requests if IntegrationHub is available in your instance. I will cover the detailed steps in a separate section. - The Classic Way
If IntegrationHub is unavailable or you prefer greater control, you can manually implement multipart/form-data requests using ServiceNow’s internal REST API. This requires scripting techniques, such as using response.getStreamWriter(), to handle binary data and fulfill Secured Signing’s API requirements. While this method offers more flexibility, it involves more coding effort.
Leave a Reply