Many enterprise prospects throughout numerous industries need to undertake Generative AI to drive innovation, person productiveness, and improve buyer expertise. Generative AI–powered assistants resembling Amazon Q Enterprise might be configured to reply questions, present summaries, generate content material, and securely full duties primarily based on knowledge and knowledge in your enterprise programs. Amazon Q Enterprise understands pure language and permits customers to obtain speedy, permissions-aware responses from enterprise knowledge sources with citations. This functionality helps numerous use circumstances resembling IT, HR, and assist desk.
With customized plugins for Amazon Q Enterprise, you possibly can improve the applying setting to allow your customers to make use of pure language to carry out particular duties associated to third-party purposes — resembling Jira, Salesforce, and ServiceNow — straight from inside their internet expertise chat.
Enterprises which have adopted ServiceNow can enhance their operations and enhance person productiveness through the use of Amazon Q Enterprise for numerous use circumstances, together with incident and data administration. Customers can search ServiceNow data base (KB) articles and incidents along with having the ability to create, handle, and observe incidents and KB articles, all from inside their internet expertise chat.
On this put up, we’ll show configure an Amazon Q Enterprise software and add a customized plugin that offers customers the power to make use of a pure language interface supplied by Amazon Q Enterprise to question real-time knowledge and take actions in ServiceNow. By the top of this hands-on session, it’s best to be capable to:
- Create an Amazon Q Enterprise software and combine it with ServiceNow utilizing a customized plugin.
- Use pure language in your Amazon Q internet expertise chat to carry out learn and write actions in ServiceNow resembling querying and creating incidents and KB articles in a safe and ruled trend.
Stipulations
Earlier than continuing, just be sure you have the mandatory AWS account permissions and providers enabled, together with entry to a ServiceNow setting with the required privileges for configuration.
AWS
ServiceNow
- Get hold of a ServiceNow Personal Developer Instance or use a clear ServiceNow developer setting. You will have an account that has admin privileges to carry out the configuration steps in ServiceNow.
Resolution overview
The next structure diagram illustrates the workflow for Amazon Q Enterprise internet expertise with enhanced capabilities to combine it seamlessly with ServiceNow.
The implementation consists of the next steps:
- The answer begins with configuring Amazon Q Enterprise utilizing the AWS Administration Console. This consists of establishing the applying setting, including customers to AWS IAM Identification Heart, choosing the suitable subscription tier, and configuring the net expertise for customers to work together with. The setting can optionally be configured to offer real-time knowledge retrieval utilizing a local retriever, which pulls data from listed knowledge sources, resembling Amazon Easy Storage Service (Amazon S3), throughout interactions.
- The following step includes adjusting the worldwide controls and response settings for the applying setting guardrails to permit Amazon Q Enterprise to make use of its massive language mannequin (LLM) data to generate responses when it can’t discover responses out of your linked knowledge sources.
- Integration with ServiceNow is achieved by establishing an OAuth Inbound application endpoint in ServiceNow, which authenticates and authorizes interactions between Amazon Q Enterprise and ServiceNow. This includes creating an OAuth API endpoint in ServiceNow and utilizing the net expertise URL from Amazon Q Enterprise because the callback URL. The setup makes positive that Amazon Q Enterprise can securely carry out actions in ServiceNow with the identical scoped permissions because the person signing in to ServiceNow.
- The ultimate step of the answer includes enhancing the applying setting with a customized plugin for ServiceNow utilizing APIs outlined in an OpenAPI schema. The plugin permits Amazon Q Enterprise to securely work together with ServiceNow’s REST APIs, enabling operations resembling querying, creating, and updating information dynamically and in actual time
Configuring the Amazon Q Enterprise software
To create an Amazon Q Enterprise software, register to the Amazon Q Enterprise console.
As a prerequisite to creating an Amazon Q Enterprise software, observe the directions in Configuring an IAM Identification Heart occasion part. Amazon Q Enterprise integrates with IAM Identification Heart to allow managing person entry to your Amazon Q Enterprise software. That is the advisable methodology for managing human entry to AWS assets and the tactic used for the aim of this weblog.
Amazon Q Enterprise additionally helps id federation by means of IAM. If you use id federation, you possibly can handle customers together with your enterprise id supplier (IdP) and use IAM to authenticate customers after they register to Amazon Q Enterprise.
Create and configure the Amazon Q Enterprise software:
- Within the Amazon Q Enterprise console, select Utility from the navigation pane after which select Create software.
- Enter the next data in your Amazon Q Enterprise software:
- Utility title: Enter a reputation for fast identification, resembling
my-demo-application. - Service entry: Choose the Create and use a brand new service-linked position (SLR). A service-linked position is a novel kind of IAM position that’s linked on to Amazon Q Enterprise. Service-linked roles are predefined by Amazon Q Enterprise and embody the permissions that the service requires to name different AWS providers in your behalf.
- Select Create.
- Utility title: Enter a reputation for fast identification, resembling
- After creating your Amazon Q Enterprise software setting, create and choose the retriever and provision the index that may energy your generative AI internet expertise. The retriever pulls knowledge from the index in actual time throughout a dialog. On the Choose Retriever web page:
- Retrievers: Choose Use native retriever.
- Index provisioning: Choose Starter, which is right for proof-of-concept or developer workloads. See Index sorts for extra data.
- Variety of models: Enter
1. This means the capability models that you simply need to provision in your index. Every unit is 20,000 paperwork. Select Subsequent. - Select Subsequent.
- After you choose a retriever in your Amazon Q Enterprise software setting, you possibly can optionally join different knowledge sources to it. As a result of an information supply isn’t required for this session, we gained’t configure one. For extra data on connecting knowledge sources to an Amazon Q Enterprise software, see connecting knowledge sources.
- As an account admin, you possibly can add customers to your IAM Identification Heart occasion from the Amazon Q Enterprise console. After you add customers or teams to an software setting, you possibly can then select the Amazon Q Enterprise tier for every person or group. On the Add teams and customers web page:
- Select Add teams and customers.
- Within the Add new customers dialog field that opens, enter the main points of the person. The small print you need to enter for a single person embody: Username, First title, Final title, e-mail handle, Affirm e-mail handle, and Show title.
- Select Subsequent after which Add. The person is robotically added to an IAM Identification Heart listing and an e-mail invitation to hitch Identification Heart is distributed to the e-mail handle supplied.
- After including a person or group, select the Amazon Q Enterprise subscription tier for every person or group. From the Present subscription dropdown menu, choose Q Enterprise Professional.
- For the Net expertise service entry, choose Create and use a brand new service position.
- Select Create software.
Upon profitable completion, Amazon Q Enterprise returns an internet expertise URL you could share with the customers you added to your software setting. The Net expertise URL (on this case: https://xxxxxxxx.chat.qbusiness.us-east-1.on.aws/) can be used when creating an OAuth application endpoint in ServiceNow. Word that your internet expertise URL can be totally different from the one proven right here.
Enhancing an Amazon Q Enterprise software with guardrails
By default, an Amazon Q Enterprise software is configured to reply to person chat queries utilizing solely enterprise knowledge. As a result of we didn’t configure an information supply for the aim of this put up, you’ll use Admin controls and guardrails to permit Amazon Q to make use of its LLM world data to generate responses when it can’t discover responses out of your linked knowledge sources.
Create a customized plugin for ServiceNow:
- From the Amazon Q Enterprise console, select Purposes within the navigation pane. Choose the title of your software from the listing of purposes.
- From the navigation pane, select Enhancements, after which select Admin Controls and guardrails.
- In World Controls, select Edit.
- In Response settings below Utility guardrails, choose Enable Amazon Q to fall again to LLM data.
Configuring ServiceNow
To permit Amazon Q Enterprise to connect with your ServiceNow occasion, it’s worthwhile to create an OAuth inbound software endpoint. OAuth-based authentication validates the id of the shopper that makes an attempt to determine a belief on the system through the use of an authentication protocol. For extra data, see OAuth Inbound and Outbound authentication.
Create an OAuth application endpoint for exterior shopper purposes to entry the ServiceNow occasion:
- Within the ServiceNow console, navigate to All, then System OAuth, then Utility Registry after which select New. On the interceptor web page, choose Create an OAuth API endpoint for exterior shoppers after which fill within the type with particulars for Identify and Redirect URL. The opposite fields are robotically generated by the ServiceNow OAuth server.
- The Redirect URL is the callback URL that the authorization server redirects to. Enter the net expertise URL of your Amazon Q Enterprise software setting (which is the shopper requesting entry to the useful resource), appended by
oauth/callback. - For this instance, the URL is:
https://xxxxxxxx.chat.qbusiness.us-east-1.on.aws/oauth/callback
- The Redirect URL is the callback URL that the authorization server redirects to. Enter the net expertise URL of your Amazon Q Enterprise software setting (which is the shopper requesting entry to the useful resource), appended by
- For Auth Scope, set the worth to
useraccount. The scope API response parameter defines the quantity of entry granted by the entry token, which signifies that the entry token has the identical rights because the person account that licensed the token. For instance, if Abel Tuter authorizes an software by offering login credentials, then the ensuing entry token grants the token bearer the identical entry privileges as Abel Tuter. - Select Submit.
This creates an OAuth shopper software report and generates a shopper ID and shopper secret, which Amazon Q Enterprise must entry the restricted assets on the occasion. You will have this authentication data (shopper ID and shopper secret) within the following customized plugin configuration course of.
Enhancing the Amazon Q Enterprise software setting with customized plugins for ServiceNow
To combine with exterior purposes, Amazon Q Enterprise makes use of APIs, that are configured as a part of the customized plugins.
Earlier than making a customized plugin, it’s worthwhile to create or edit an OpenAPI schema, outlining the totally different API operations that you simply need to allow in your customized plugin. Amazon Q Enterprise makes use of the configured third-party OpenAPI specifications to dynamically decide which API operations to carry out to meet a person request. Due to this fact, the OpenAPI schema definition has a big effect on API choice accuracy and would possibly require design optimizations. In an effort to maximize accuracy and enhance effectivity with an Amazon Q Enterprise customized plugin, observe the finest practices for configuring OpenAPI schema definitions.
To configure a customized plugin, you need to outline not less than one and a most of eight API operations that may be invoked. To outline the API operations, create an OpenAPI schema in JSON or YAML format. You possibly can create OpenAPI schema information and add them to Amazon S3. Alternatively, you need to use the OpenAPI textual content editor within the console, which is able to validate your schema.
For this put up, a working pattern of an OpenAPI Schema for ServiceNow is supplied in JSON format. Earlier than utilizing it, edit the template file and exchange <YOUR_SERVICENOW_INSTANCE_URL> within the following sections with the URL of your ServiceNow occasion.
You should utilize the REST API Explorer to browse out there APIs, API variations, and strategies for every API. The explorer allows you to take a look at REST API requests straight from the person interface. The Table API gives endpoints that can help you carry out create, learn, replace, and delete (CRUD) operations on present tables. The calling person will need to have ample roles to entry the information within the desk specified within the request. For added data on assigning roles, see Managing roles.
{
"openapi": "3.0.1",
"information": {
"title": "Desk API",
"description": "Means that you can carry out create, learn, replace and delete (CRUD) operations on present tables",
"model": "newest"
},
"externalDocs": {
"url": "https://docs.servicenow.com/?context=CSHelp:REST-Desk-API"
},
"servers": [
{
"url": "YOUR_SERVICENOW_INSTANCE_URL"
}
],
"paths": {
"/api/now/desk/{tableName}": {
"get": {
"description": "Retrieve information from a desk",
"parameters": [
{
"name": "tableName",
"in": "path",
"description": "Table Name",
"required": true,
"schema": {
"type": "string"
}
},
{
"name": "sysparm_query",
"in": "query",
"description": "An encoded query string used to filter the results like Incidents Numbers or Knowledge Base IDs etc",
"required": true,
"schema": {
"type": "string"
}
},
{
"name": "sysparm_fields",
"in": "query",
"description": "A comma-separated list of fields to return in the response",
"required": false,
"schema": {
"type": "string"
}
},
{
"name": "sysparm_limit",
"in": "query",
"description": "The maximum number of results returned per page",
"required": false,
"schema": {
"type": "string"
}
}
],
"responses": {
"200": {
"description": "okay",
"content material": {
"software/json": {
"schema": {
"$ref": "#/elements/schemas/incident"
}
}
}
}
}
},
"put up": {
"description": "Create a report",
"parameters": [
{
"name": "tableName",
"in": "path",
"description": "Table Name",
"required": true,
"schema": {
"type": "string"
}
}
],
"requestBody": {
"content material": {
"software/json": {
"schema": {
"kind": "object",
"properties": {
"short_description": {
"kind": "string",
"description": "Quick Description"
},
"description": {
"kind": "string",
"description": "Full Description for Incidents solely"
},
"caller_id": {
"kind": "string",
"description": "Caller E mail"
},
"state": {
"kind": "string",
"description": "State of the incident",
"enum": [
"new",
"in_progress",
"resolved",
"closed"
]
},
"textual content": {
"kind": "string",
"description": "Article Physique Textual content for Data Bases Solely (KB)"
}
},
"required": [
"short_description",
"caller_id"
]
}
}
},
"required": true
},
"responses": {
"200": {
"description": "okay",
"content material": {
"software/json": {}
}
}
}
}
},
"/api/now/desk/{tableName}/{sys_id}": {
"get": {
"description": "Retrieve a report",
"parameters": [
{
"name": "tableName",
"in": "path",
"description": "Table Name",
"required": true,
"schema": {
"type": "string"
}
},
{
"name": "sys_id",
"in": "path",
"description": "Sys ID",
"required": true,
"schema": {
"type": "string"
}
},
{
"name": "sysparm_fields",
"in": "query",
"description": "A comma-separated list of fields to return in the response",
"required": false,
"schema": {
"type": "string"
}
}
],
"responses": {
"200": {
"description": "okay",
"content material": {
"software/json": {},
"software/xml": {},
"textual content/xml": {}
}
}
}
},
"delete": {
"description": "Delete a report",
"parameters": [
{
"name": "tableName",
"in": "path",
"description": "Table Name",
"required": true,
"schema": {
"type": "string"
}
},
{
"name": "sys_id",
"in": "path",
"description": "Sys ID",
"required": true,
"schema": {
"type": "string"
}
}
],
"responses": {
"200": {
"description": "okay",
"content material": {
"software/json": {},
"software/xml": {},
"textual content/xml": {}
}
}
}
},
"patch": {
"description": "Replace or modify a report",
"parameters": [
{
"name": "tableName",
"in": "path",
"description": "Table Name",
"required": true,
"schema": {
"type": "string"
}
},
{
"name": "sys_id",
"in": "path",
"description": "Sys ID",
"required": true,
"schema": {
"type": "string"
}
}
],
"requestBody": {
"content material": {
"software/json": {
"schema": {
"kind": "object",
"properties": {
"short_description": {
"kind": "string",
"description": "Quick Description"
},
"description": {
"kind": "string",
"description": "Full Description for Incidents solely"
},
"caller_id": {
"kind": "string",
"description": "Caller E mail"
},
"state": {
"kind": "string",
"description": "State of the incident",
"enum": [
"new",
"in_progress",
"resolved",
"closed"
]
},
"textual content": {
"kind": "string",
"description": "Article Physique Textual content for Data Bases Solely (KB)"
}
},
"required": [
"short_description",
"caller_id"
]
}
}
},
"required": true
},
"responses": {
"200": {
"description": "okay",
"content material": {
"software/json": {},
"software/xml": {},
"textual content/xml": {}
}
}
}
}
}
},
"elements": {
"schemas": {
"incident": {
"kind": "object",
"properties": {
"sys_id": {
"kind": "string",
"description": "Distinctive identifier for the incident"
},
"quantity": {
"kind": "string",
"description": "Incident quantity"
},
"short_description": {
"kind": "string",
"description": "Transient description of the incident"
}
}
}
},
"securitySchemes": {
"oauth2": {
"kind": "oauth2",
"flows": {
"authorizationCode": {
"authorizationUrl": "YOUR_SERVICENOW_INSTANCE_URL/oauth_auth.do",
"tokenUrl": "YOUR_SERVICENOW_INSTANCE_URL/oauth_token.do",
"scopes": {
"useraccount": "Entry equal to the person's account"
}
}
}
}
}
},
"safety": [
{
"oauth2": [
"useraccount"
]
}
]
}The URL for the ServiceNow occasion used on this put up is: https://devxxxxxx.service-now.com/. After updating the sections of the template with the URL for this particular occasion, the JSON ought to seem like the next:
"servers": [
{
"url": "https://devxxxxxx.service-now.com/"
} "securitySchemes": {
"oauth2": {
"kind": "oauth2",
"flows": {
"authorizationCode": {
"authorizationUrl": "https://devxxxxxx.service-now.com/oauth_auth.do",
"tokenUrl": "https://devxxxxxx.service-now.com/oauth_token.do",
"scopes": {
"useraccount": "Entry equal to the person's account"
}
}
}
}
}To create a customized plugin for ServiceNow:
-
- Sign up to the Amazon Q Enterprise console.
- Select Purposes within the navigation pane, after which choose your software from the listing of purposes.
- Within the navigation pane, select Enhancements, after which select Plugins.
- In Plugins, select Add plugin.
- In Add plugins, select Customized plugin.
- In Customized plugin, enter the next data:
- In Identify and outline, for Plugin title: Enter a reputation in your Amazon Q plugin.
- In API schema, for API schema supply, choose Outline with in-line OpenAPI schema editor.
- Choose JSON because the format for the schema.
- Take away any pattern schema that seems within the inline OpenAPI schema editor and exchange it with the textual content from the supplied pattern JSON template, up to date together with your ServiceNow occasion URL.
- In Authentication: Choose Authentication required.
- For AWS Secrets and techniques Supervisor secret, select Create and add a brand new secret. It is advisable to retailer the ServiceNow OAuth authentication credentials in a Secrets and techniques Supervisor secret to attach your third-party software to Amazon Q. Within the window that opens, enter the main points within the type:
- Secret title: A reputation in your Secrets and techniques Supervisor secret.
- Shopper ID: The Shopper ID from ServiceNow OAuth configuration within the earlier part.
- Shopper secret: The Shopper Secret from ServiceNow OAuth configuration within the earlier part.
- OAuth callback URL: The URL the person must be redirected to after authentication. This can be your internet expertise URL. For this instance, it’s: https://xxxxxxxx.chat.qbusiness.us-east-1.on.aws/oauth/callback. Amazon Q Enterprise will deal with OAuth tokens on this URL.
- In Select a way to authorize Amazon Q Enterprise: Choose Create and add a brand new service position. The console will generate a service position title. To attach Amazon Q Enterprise to third-party purposes that require authentication, it’s worthwhile to give the Amazon Q position permissions to entry your Secrets and techniques Supervisor secret. This can allow an Amazon Q Enterprise customized plugin to entry the credentials wanted to register to the third-party service.
- Select Add plugin so as to add your plugin.
Upon profitable completion, the plugin will seem below Plugins with Construct standing of Prepared and Plugin standing Energetic.
Utilizing Amazon Q Enterprise internet expertise chat to take actions in ServiceNow
Customers can launch your Amazon Q Enterprise internet expertise in two methods:
- AWS entry portal URL supplied in an invite e-mail despatched to the person to hitch AWS IAM Identification Heart.
- Net expertise URL shared by the admin.
Navigate to the deployed internet expertise URL and signal together with your AWS IAM Identification Heart credentials.
After signing in, select the New dialog icon within the left-hand menu to begin a dialog.
Instance: Search Data Base Articles in ServiceNow for person problem and create an incident
The next chat dialog instance illustrates a typical use case of Amazon Q Enterprise built-in with customized plugins for ServiceNow. These options can help you carry out a variety of duties tailor-made to your group’s wants.
On this instance, we provoke a dialog within the internet expertise chat to seek for KB articles associated to ”log in points” in ServiceNow by invoking a plugin motion. After the person submits a immediate, Amazon Q Enterprise queries ServiceNow by means of the suitable API to retrieve the outcomes and gives a response with associated KB articles. We then proceed by asking Amazon Q Enterprise for extra particulars to see if any of the KB articles straight addresses the person’s problem. When no related KB articles pertaining to the person’s problem are discovered, we ask Amazon Q Enterprise to summarize the dialog and create a brand new incident in ServiceNow, ensuring the difficulty is logged for decision.
Consumer immediate 1 – I'm having points logging in to the intranet and need to know if there are any ServiceNow KB articles on log-in points. Carry out the search on each Quick Description and Textual content discipline utilizing LIKE operator
Earlier than submitting the previous immediate for an motion to create an incident in ServiceNow, select the vertical ellipsis to open Dialog settings, then select Use a Plugin to pick the corresponding customized plugin for ServiceNow.
If that is the primary time a person is accessing the customized plugin or if their previous sign-in has expired, the person might want to authenticate. After authenticating efficiently, Amazon Q Enterprise will carry out the requested job.
Select Authorize.
If the person isn’t already signed in to ServiceNow, they are going to be prompted to enter their credentials. For this instance, the person signing in to ServiceNow is the admin person and API actions carried out in ServiceNow by Amazon Q Enterprise on behalf of the person can have the identical stage of entry because the person inside ServiceNow.
Select Enable for Amazon Q Enterprise to connect with ServiceNow and carry out the requested job in your behalf.
Upon executing the person’s request after verifying that they’re licensed, Amazon Q Enterprise responds with the knowledge that it retrieved. We then proceed to retrieve extra particulars with the next immediate.
Consumer immediate 2 – Are you able to listing the KB quantity and quick description in a tabular type?
As a result of there no KB articles associated the person’s problem had been discovered, we are going to ask Amazon Q to summarize the dialog context to create an incident with the next immediate.
Consumer immediate 3 – The error I get is "Unable to Login After System Improve". Summarize my problem and create an incident with detailed description and add a word that this must be resolved asap.
In response to your immediate for an motion, Amazon Q shows a overview type the place you possibly can modify or fill within the obligatory data.
To efficiently full the motion, select submit.
Word: The caller_id worth entered within the following instance is a sound ServiceNow person.
Your internet expertise will show successful message if the motion succeeds, or an error message if the motion fails. On this case, the motion succeeded and Amazon Q Enterprise responded accordingly.
The next screenshot exhibits that the incident was created efficiently in ServiceNow.
Troubleshooting frequent errors
To have a seamless expertise with third-party software integrations, it’s important to totally take a look at, determine, and troubleshoot sudden habits.
A standard error encountered in Amazon Q Enterprise is API Response too massive, which happens when an API response measurement exceeds the present restrict of 100 KB. Whereas prompting methods are important for acquiring correct and related solutions, optimizing API responses to incorporate solely the mandatory and related knowledge is essential for higher response occasions and enhanced person expertise.
The REST API Explorer (proven within the following determine) in ServiceNow is a software that enables builders and directors to work together with and take a look at the ServiceNow REST APIs straight from inside the ServiceNow setting. It gives a user-friendly interface for making API requests, viewing responses, and understanding the out there endpoints and knowledge constructions. Utilizing this software simplifies the method of testing and integrating with ServiceNow.
Clear up
To wash up AWS configurations, register to the Amazon Q Enterprise console.
- From the Amazon Q Enterprise console, in Purposes, choose the applying that you simply need to delete.
- Select Actions and choose Delete.
- To verify deletion, enter
Delete.
This can take a couple of minutes to complete. When accomplished, the applying and the configured customized plugin can be deleted.
If you delete the Amazon Q Enterprise software, the customers created as a part of the configuration will not be robotically deleted from IAM Identification Heart. Use the directions in Delete customers in IAM Identification Heart to delete the customers created for this put up.
To wash up in ServiceNow, launch the Private Developer Occasion provisioned for this put up by following the directions within the ServiceNow Documentation.
Conclusion
The mixing of generative AI-powered assistants resembling Amazon Q Enterprise with enterprise programs resembling ServiceNow gives vital advantages for organizations. By utilizing pure language processing capabilities, enterprises can streamline operations, improve person productiveness, and ship higher buyer experiences. The power to question real-time knowledge and create incidents and data articles by means of a safe and ruled chat interface transforms how customers work together with enterprise knowledge and purposes. As demonstrated on this put up, enhancing Amazon Q Enterprise to combine with ServiceNow utilizing customized plugins empowers customers to carry out complicated duties effortlessly, driving effectivity throughout numerous enterprise capabilities. Adopting this expertise not solely modernizes workflows, but in addition positions enterprises on the forefront of innovation.
Study extra
In regards to the Writer
Siddhartha Angara is a Senior Options Architect at Amazon Net Companies. He helps enterprise prospects design and construct well-architected options within the cloud, speed up cloud adoption, and construct Machine Studying and Generative AI purposes. He enjoys taking part in the guitar, studying and household time!
