May 2022
Flexera One introduced the following new features and enhancements this month.
Automation
Flexera One added the following new Automation feature in May 2022.
New Flexera One policies
This feature is available with Automation.
Flexera One adds support for additional Automation policies to help you in the following areas:
For a a complete list of supported policies, see the List of Flexera Policies topic in the Flexera One Help.
New Cost policies
Click the link in the Policy Name column to access the corresponding policy template.
Flexera One supports the following new Cost policies.
| Policy Name | Description |
|---|---|
| AWS Savings Plan Utilization | Monitoring your Savings Plans is an important part of Cloud Financial Management, as tracking the utilization of Savings Plans will inform you of wasted commitments and help you distribute your savings more effectively. This policy is built on AWS Savings Plan utilization metrics, which shows you the percentage of your Savings Plans commitment you are using across your On-Demand usage. Applying this policy requires you to select a lookback period (number of days of past usage to analyze), the Amazon Resource Name (ARN) of the Savings Plan to analyze, and a Utilization threshold to alert on if below the threshold. |
| Azure Savings Realized from Reservations | A key metric when managing Commitments in the cloud is savings realized from purchasing and using reservations. This allows you to understand the effectiveness of your savings strategy. Flexera One’s Azure Savings Realized from Reservations policy will help you to identify trends in your savings from Compute commitments, and importantly tie this back to total Compute spend as a percentage. Applying this policy only requires a start date, end date, and specific billing centers for the period you wish to view your savings realized for, as well as the chart type to view the data by. |
| Cloud Spend Forecast - Moving Average | Predicting what you may spend on cloud is a challenging task given the variable nature of cloud consumption and the effects of optimization activities such as Reservations and Rightsizing. Our Cloud Spend Forecast policies provide several ways to gain some insight into what your future spend may look like. The following policies can be applied: Cloud Spend Forecast - Straight Line (Linear Regression Model) Cloud Spend Forecast - Straight Line (Simple Model) Cloud Spend Forecast - Moving Average This policy uses the Moving Average method to forecast your spend. You can choose to forecast at the Billing Center or entire Organization level, specify how many months of historical data should be considered, and specify how many months should be forecasted. |
| Cloud Spend Forecast - Straight-Line (Linear Regression Model) | Cloud Spend Forecast policies provide a number of ways to gain some insight into what your future spend may look like. The following policies can be applied: Cloud Spend Forecast - Straight Line (Linear Regression Model) Cloud Spend Forecast - Straight Line (Simple Model) Cloud Spend Forecast - Moving Average This policy uses the Straight-Line method using a Linear Regression model which uses a more sophisticated calculation than the Simple model to forecast your spend. You can choose to forecast at the Billing Center or entire Organization level, specify how many months of historical data should be considered, and specify how many months should be forecasted. In addition, you can choose to breakdown forecasted costs by the following dimensions: category, region, service, and vendor account (for example, AWS account, Azure subscription, and so on). |
| Cloud Spend Forecast - Straight-Line (Simple Model) | Predicting what you may spend on cloud is a challenging task given the variable nature of cloud consumption and the effects of optimization activities such as Reservations and Rightsizing. Our Cloud Spend Forecast policies provide a number of ways to gain some insight into what your future spend may look like. The following policies can be applied: Cloud Spend Forecast - Straight Line (Linear Regression Model) Cloud Spend Forecast - Straight Line (Simple Model) Cloud Spend Forecast - Moving Average This policy uses the Straight-Line method using a Simple model which uses a more basic calculation than the Linear Regression model to forecast your spend. You can choose to forecast at the Billing Center or entire Organization level, specify how many months of historical data should be considered, and specify how many months should be forecasted. In addition, you can choose to breakdown forecasted costs by the following dimensions: category, region, service, and vendor account (for example, AWS account, Azure subscription, and so on). |
| Vendor Commitment Forecast | Tracking your cloud spend against your vendor commitments can be important to ensure you are on track and can help with your budgeting and financial planning. In addition to tracking spend over a defined period (1-3 years) we also provide a forecast based on historical months to give an indication of what your spend at the end of the commitment may be. Applying the policy is as simple as specifying the cloud vendor, duration and amount of commitment and the cost basis—amortized or non-amortized—that you need to track. |
New Operational policies
Click the link in the Policy Name column to access the corresponding policy template.
Flexera One supports the following new Operational policies.
| Policy Name | Description |
|---|---|
| AWS Usage Report - Number of Instance Hours Used | Understanding the details of your cloud consumption is an important part of cloud financial management - whether you are looking to take advantage of committed use discounts or working closely with the cloud vendors to ensure capacity is available for your future needs. This Flexera One usage report will help you establish the number of compute hours by Instance/VM Type and Region to support you in achieving these outcomes. Applying these policies requires you to select the relevant AWS region for the analysis, or this can be left blank to analyze your organization as a whole. Note: This functionality is currently only available for AWS, however an Azure equivalent is in progress. |
| AWS Usage Report - Number of Instance vCPUs Used | Understanding the details of your cloud consumption is an important part of cloud financial management whether you are looking to take advantage of committed use discounts or working closely with the cloud vendors to ensure capacity is available for your future needs. This Flexera One usage report will help you establish the number of compute vCPUs by Instance/VM Type and Region to support you in achieving these outcomes. Applying these policies requires you to select the relevant AWS region for the analysis, or this can be left blank to analyze your organization as a whole. Note: This functionality is currently only available for AWS, however an Azure equivalent is in progress. |
IT Asset Management
IT Asset Management added the following new features and enhancements in May 2022.
New digitally-signed package for IBM License Consumption reports
This feature is available with IT Asset Management.
IT Asset Management now provides the digitally-signed report package for the following reports:
- IBM Cloud Pak consumption report
- IBM PVU license consumption report
- IBM VPC license consumption report
The package can be used as a trusted source for audit as the data contained in the package can be validated for authenticity.
Each package contains the following data:
- IBM Cloud Pak license consumption report
- IBM PVU license consumption report
- IBM VPC license consumption report
- Report summary
- Checksums
To generate a digitally-signed report package, go to the IBM Cloud Pak Consumption, IBM PVU License Consumption, or IBM VPC License Consumption report page, select the reporting period, and click the Download the archive link.
New VMware Horizon adapter for collecting non-persistent VDI data
This feature is available with IT Asset Management.
The new VMware Horizon adapter allows you to collect non-persistent VDI data from VMware Horizon and import it into IT Asset Management.
Collected VDI data consists of:
- Existing VDI devices and templates
- Existing desktop pools where these VDI devices and templates are installed
- What user groups have access to these desktop pools
Application evidence can then be collected from each of the VDI devices by the FlexNet inventory agent. This application evidence will show all of the software accessible by end-users.
Imported VDI data alongside the application evidence collected by the FlexNet inventory agent will give you full IT visibility of inventory running on the VMware Horizon platform, and provide licensing capabilities for all applications used by end-users on non-persistent VDIs.
For more details, see VMware Horizon Adapter in the Inventory Adapters and Connectors Reference.
New IBM VPC License Consumption reports
This feature is available with IT Asset Management.
The new VMware Horizon adapter allows you to collect non-persistent VDI data from VMware Horizon and import it into IT Asset Management.
This release includes two additional reports that can be saved/archived in the same way as the IBM Cloud Pak license consumption reports:
- The IBM VPC License Consumption report is an audit report that displays the consumption details of all VPC-licensed IBM products that are not bundled, for a given reporting period.
- The IBM VPC License Current Consumption report displays the consumption details of all VPC-licensed IBM products that are not bundled, and were being consumed at the time of the most recent full inventory import and license reconciliation.
You can jump directly to either report from the Consumption tab in the IBM VPC license properties page. The reports are also accessible through the Reports menu.
For IBM VPC licenses, depending on what bundle consumption rule has been chosen in the Use rights & rules tab, will determine what VPC report links are displayed in the Consumption tab. If Consume for each product on a device is selected, links to the IBM Cloud Pak License Consumption and IBM Cloud Pak License Current Consumption reports are displayed. If Consume once for each device is selected, links to the IBM VPC License Consumption and IBM VPC License Current Consumption reports are displayed.
To itemize consumption, the reports combine properties of:
- Application
- Host
- Inventory device
- License
- Region
- Resource pools
Additional new license assignment failure reason has been added
This enhancement is available with IT Asset Management.
The new license assignment failure reason will appear in the assessment reasons column when no valid points rules have been configured for devices consuming from licenses that require a point rules set. This results in devices being excluded from license assignment.:
| Message | Notes |
|---|---|
| No consumption could be calculated because a matching points rule could not be found to cover this device | For licenses that require a points rule set, such as: IBM PVU Oracle Processor MS server core / MS server processor licenses. This assignment failure reason indicates there is no corresponding points rule to cover the device. This can happen if it does not match on processor type, is lower than the minimum or higher than the maximum number of cores, sockets, and so on. Or, that the device is hosted in a cloud service provider which is not covered by a rule. |
Generation of the Oracle GLAS evidence archive added as a system task
This enhancement is available with IT Asset Management.
To help reduce the overall execution time of reconciliation, the Oracle GLAS Archive sub-task has been extracted from the reconciliation process into its own system task.
The Oracle GLAS Archive system task is automatically triggered by the execution of the inventory import and the license reconcile. The archive can also be regenerated after a license reconciliation is triggered in the Web UI.
To view the status of system-level tasks, go to the System Tasks page (Data Collection > IT Assets Inventory Status > System Tasks). Your account needs the IT Asset Management Troubleshooting: access to System Tasks page privilege to view this page.
In the System Tasks page, the OracleGLASArchive system task has a corresponding subtask named Oracle GLAS archive generation. Like other system tasks, the status of the task/step is displayed, along with a brief summary.
See the System Tasks section of the Flexera One Help for more information on system tasks.
New Changed PVU Per Core property in IBM PVU License Consumption reports
This feature is available with IT Asset Management.
A new property Changed PVU per core is now available in the IBM PVU License Consumption and IBM PVU License Current Consumption report pages. This property helps the user to easily identify whether the user-customized points rule sets or the Flexera-published points rule sets have been used in the license consumption calculation.
Citrix Virtual Desktops File and Installer Evidence reports have been updated to collect VMware Horizon non-persistent VDI data
This enhancement is available with IT Asset Management.
With the introduction of the new VMware Horizon adapter, you can now collect non-persistent VDI data from VMware Horizon and import it into IT Asset Management.
This data can be viewed in the Virtual Desktops File Evidence report and Virtual Desktops Installer Evidence report. These reports were formerly known as the Citrix Virtual Desktops File Evidence report and Citrix Virtual Desktops Installer Evidence report.
With the introduction of the new VMware Horizon adapter, these reports have been updated to now report on file and installer evidence found on both Citrix Virtual Desktop Infrastructure (VDI) servers associated with Citrix delivery groups, and VMware Horizon non-persistent virtual desktop infrastructure(s) (VDI) delivering Desktops to end-users.
The reports are generated in the same manor as before and a new column called Access Mode has been added to each report:
| Column Name | Description |
|---|---|
| Access Mode | Indicates which platform the file evidence originated from. This field can have one of the following values: Citrix Virtual Desktops Horizon Virtual Desktops |
| Column Name | Description |
|---|---|
| Access Mode | Indicates which platform the installer evidence originated from. This field can have one of the following values: Citrix Virtual Desktops Horizon Virtual Desktops |
Two additional tabs (VDIs, AD Groups) have been added to the Virtual Desktop Template properties page
This enhancement is available with IT Asset Management.
This enhancement is available with IT Asset Management.The VDIs tab displays a list of deployed VDIs from a template as reported in the most recent software inventory. The following fields are included:
- Access Mode
- Chosen for evidence
- Domain
- Group
- Site
- VDI device
The AD Groups tab displays a list of Active Directory groups and users who have been given access to a desktop pool. The following fields are included:
- Domain name
- Domain flat name
- Name
- SID
- VDI Group
IT Visibility
IT Visibility added the following new feature in May 2022.
Schedule export of individual insights and dashboards
This feature is available with IT Visibility.
IT Visibility’s built-in dashboards enable you to schedule automatic export of individual insights and the entire dashboard and receive these exports as attachments in regular emails using the Schedule export feature. Dashboards can be exported as PDF files. Insights can be exported as raw data (CSV files) or as spreadsheets (XLSX files).
You can manage schedules with each dashboard based on the role assigned to you. For more information on Flexera One roles used with IT Visibility, see Flexera One Roles.
SaaS Management
SaaS Management added the following new features and enhancements in May 2022.
Improved CSV file for exporting all SaaS licenses
This enhancement is available with SaaS Management.
Exporting SaaS license data in Flexera’s SaaS Management All SaaS Licenses screen provides an opportunity for Software Asset Managers to further analyze their organization’s data in tools such as Microsoft Excel. The All SaaS Licenses exported CSV file now offers an enhanced format to enable the right decisions to be made by providing easy access to the required SaaS license data.
For SaaS applications with multiple licenses, such as Microsoft 365 and Salesforce, the exported CSV file now lists each license as a separate line item in the License Name column. The license’s corresponding Annual Cost and # of Users Allowed column information appears in the same row as the License Name information.
New API endpoints for Azure and Azure Client Credentials
This feature is available with SaaS Management.
The SaaS Management Microsoft Azure and Azure Client Credentials integrations have migrated from Microsoft Azure AD APIs to Microsoft Graph APIs. The Azure AD Graph API is now deprecated. Starting June 30, 2022, support ends for Azure AD Graph. Apps using Azure AD Graph after June 30, 2022 will no longer receive responses from the Azure AD Graph endpoint. We ask that you migrate to the Microsoft Graph APIs and refer to the following details.
- Action required for new SaaS Management integrations with Azure and Azure Client Credentials
- Actions required for existing SaaS Management Integrations with Azure and Azure Client Credentials
- Only publisher verified applications now display in SaaS Management
Action required for new SaaS Management integrations with Azure and Azure Client Credentials
You must grant permissions for Microsoft Graph API instead of Azure AD Graph API. Refer to the new API endpoints below.
New Azure and Azure Client Credentials API endpoints
Below are the new Microsoft Graph API endpoints.
HR Roster
https://graph.microsoft.com/v1.0/users
Application Discovery
https://graph.microsoft.com/v1.0/servicePrincipals
SSO Application Access
https://graph.microsoft.com/v1.0/auditLogs/signIns
SSO Application Roster
https://graph.microsoft.com/v1.0/users/<UserID>/appRoleAssignments
Actions required for existing SaaS Management Integrations with Azure and Azure Client Credentials
Due to SaaS Management’s migration from Microsoft Azure AD APIs to Microsoft Graph APIs, existing Azure and Azure Client Credentials integrations will fail due to a 401 Unauthorized Error.
Actions for Existing Azure integrations
- Once the Azure integration tasks start failing, you must reauthorize the integration.
- For granting access to Microsoft Graph APIs, an Offline_access permission is also necessary for the refresh token generation.
Complete the following action to prevent this error for Existing Azure Client Credentials integrations
Update the existing permissions to the required Microsoft Graph API permissions:
- AuditLog.Read.All
- Directory.Read.All
The Azure integration with SaaS Management will fail if consent is not given to both the AuditLog.Read.All and the Directory.Read.All permissions. For details, refer to the Microsoft List signIns documentation section.
Only publisher verified applications now display in SaaS Management
Previously, the SaaS Management Application Discovery integration task captured unverified and verified application publishers. Now the Application Discovery task only captures verified application publishers who have verified their identity using their Microsoft Partner Network (MPN) account and have associated this MPN account with their app registration. For details, see the Microsoft documentation Mark your app as publisher verified.
As a result:
- Only publishers verified by the Microsoft Partner Network would be fetched.
- For applications with unverified publishers, the following will display in the managed SaaS application's Integrated Applications tab:
- SSO Integration column by default will be set to false.
- Publisher column will display “unverified”.
Improved CSV file for exporting SaaS license usage
This enhancement is available with SaaS Management.
Exporting SaaS license usage data in Flexera’s SaaS Management SaaS License Usage screen provides an opportunity for Software Asset Managers to further analyze their organization’s data in tools such as Microsoft Excel. The SaaS License Usage exported CSV file now offers an enhanced format to enable the right decisions to be made by providing easy access to the required SaaS license usage data.
For SaaS applications with multiple licenses, such as Microsoft 365 and Salesforce, the exported CSV file now lists each license as a separate line item in the Licenses column. The license’s corresponding usage information such as Annual Cost and # of Users Allowed column information appears in the same row as the Licenses information.
Creating a Salesforce user role
This enhancement is available with SaaS Management.
The Salesforce Standard User or System Administrator user role permissions are required to set up integrations for all your Salesforce orgs with Flexera’s SaaS Management. The following tutorial explains how to set up the Salesforce Standard User and Systems Administrator user roles and ensure the users assigned to these roles have the correct minimum permissions based on the Salesforce scopes required and Salesforce user role.
The following Salesforce scopes required table explains the scope of responsibilities the user needs to enable Flexera SaaS Management integration tasks with Salesforce.
Salesforce scopes required
| Scopes Required | Description | Integration Task Name |
|---|---|---|
| Access your basic information | To read user details | Application Roster |
| Access and manage your data (API) | Access and manage your data | Application Roster Application Access License Information Reclamation |
| Perform requests on your behalf at any time (refresh_token, offline_access) | To make an authenticated API call | Required for Authentication |
Salesforce user role
To grant the above scopes required permissions and to authorize access to the OAuth client application configured in Flexera’s SaaS Management integration with Salesforce, the user must have the following user role permissions.
| User Role | Description |
|---|---|
| Standard User | If you only enable the Application Roster, Application Access, and License Information tasks, then the Standard User permissions are required. |
| System Administrator | If you enable the Reclamation task, along with the Application Roster and Application Access tasks, then the System Administrator permissions are required. To reclaim a license, the user requires Manage User permissions. In the Standard User profiles available in Salesforce, only the System Administrator has these permissions. For more details, refer to the Salesforce Standard Profiles. |
If you do not wish to use the System Administrator user role, refer to the Salesforce instructions in Create a Secure Salesforce API User to create a custom profile with API Enabled and Manage User permissions.
The following instructions explain how to assign the Salesforce Standard User or System Administrator role to a user:
This Salesforce user role information is subject to change as enhancements are made to Salesforce.
To assign these Standard User or System Administrator roles to a user, the Salesforce account must have at least 1 Salesforce User license available/remaining.
- In Salesforce, navigate to Setup -> Administration -> Users -> Users.
- Is the user a new user or an existing user?
- For a new user, click New User.
- For an existing user, click edit on the selected user.
- In the User License dropdown, select Salesforce as the license type.
- In the Profile dropdown, select the appropriate user role.
- Select Standard User to assign users the SaaS Management tasks: Application Roster, Application Access, and License Information.
- Select System Administrator to assign users the SaaS Management tasks: Application Roster, Application Access, License Information, and Reclamation.
- Click Save to create or update the selected user.
ServiceNow user activity tracking
This feature is available with SaaS Management.
Flexera SaaS Management’s integration with ServiceNow and ServiceNow OAuth2 now tracks all user activity and the time the activity occurred. Software Asset Managers can now identify whether users with ServiceNow Approver and Fulfiller (ITIL) licenses are using the paid aspects of their licenses and are delivering services to requesters or approving requests within the appropriate time period.
Some examples of tracked ServiceNow user activity include, but are not limited to, the following:
- Request Approved
- Request Updated
- Request Inserted
- Incident Updated
- Incident Inserted
- Incident Inactive
- Problem Inserted
Actions required for existing SaaS Management Integrations with ServiceNow and ServiceNow OAuth2
If you currently have a ServiceNow or a ServiceNow OAuth2 integration with Flexera’s SaaS Management, complete the following tasks to track user events and the time the events occurred. For further details, refer to the ServiceNow or ServiceNow OAuth2 integration instructions.
- The minimum permissions for ServiceNow and ServiceNow OAuth2 have been updated. For details, refer to the appropriate minimum permissions table: Minimum permissions required for ServiceNow or Minimum permissions required for ServiceNow OAuth2.
- Enable the updated ServiceNow or ServiceNow OAuth2 user role permissions based on whether your existing integration supports license differentiation. For details, refer to Enabling ServiceNow and ServiceNow OAuth2 user role permissions.
- If your organization currently implements the optional task of Creating a custom role with a reading permission specific to the tables used in the integration API, note that step 6 has been added to these instructions.
- The ServiceNow and ServiceNow OAuth2 API endpoints have been updated. Refer to the appropriate API endpoints based on whether your existing integration supports license differentiation: API endpoints with license differentiation or API endpoints without license differentiation.
Actions required for new SaaS Management Integrations with ServiceNow and ServiceNow OAuth2
You need to complete the following tasks to integrate ServiceNow or ServiceNow OAuth2 with SaaS Management. For further details, refer to the ServiceNow or ServiceNow OAuth2 integration instructions.
- To track user activity and the time the activity occurred, complete the task: Enabling the SaaS Management Application Access integration task.
- Note the appropriate user permissions: Minimum permissions required for ServiceNow or Minimum permissions required for ServiceNow OAuth2.
- As an option for your organization, you can enable the task: Creating a custom role with a reading permission specific to the tables used in the integration API.
- Based on your decision whether to support license differentiation for your integration, refer to the appropriate API endpoints: API endpoints with license differentiation or API endpoints without license differentiation.
Enabling the SaaS Management Application Access integration task
To track ServiceNow and ServiceNow OAuth2 user activity and the time the activity occurred, you need to enable the SaaS Management Application Access integration task per the appropriate instructions:
During the first run of the Application Access task, Flexera pulls data for only the last 6 days.
Minimum permissions required for ServiceNow
| Role | Description | Integration Task Name |
|---|---|---|
| admin, snc_read_only | These roles are required for retrieving the ServiceNow users and their activities. For details, refer to the Base System Roles section of the ServiceNow documentation. | Application Roster Application Access |
| admin | This role is required to: Retrieve the ServiceNow users and their activities Manage user licenses for the Reclamation task. For details, refer to the Base System Roles section of the ServiceNow product documentation. | Application Roster Application Access Reclamation |
Minimum permissions required for ServiceNow OAuth2
| Role | Description | Integration Task Name |
|---|---|---|
| admin, snc_read_only | These roles are required for retrieving the ServiceNow users and their activities. For details, refer to the Base System Roles section of the ServiceNow documentation. | Application Roster Application Access |
| admin | This role is required to: Retrieve the ServiceNow users and their activities Manage user licenses for the Reclamation task. Register the Client Application Generate the Client ID and Client Secret in ServiceNow. For details, refer to the Base System Roles section of the ServiceNow documentation. | Application Roster Application Access Reclamation |
Enabling ServiceNow and ServiceNow OAuth2 user role permissions
Follow the steps below to enable the correct ServiceNow and ServiceNow OAuth2 user role permissions for an existing SaaS Management integration with ServiceNow.
To enable the correct user role permissions for an existing SaaS Management integration with ServiceNow, determine whether License Differentiation is enabled.
- When License Differentiation is enabled for an existing SaaS Management integration with ServiceNow added using itil and snc_read_only permissions:
- If you want to enable only the Application Roster and Application Access tasks, you are required to elevate the user role to admin and snc_read_only.
- If you want to enable the Application Roster, Application Access, and Reclamation tasks, you are required to elevate the user role only to admin.
- When License Differentiation is not enabled for an existing SaaS Management integration with ServiceNow:
- If you want to enable only the Application Roster and Application Access tasks, you are required to have the rest_api_explorer role.
- If you want to enable the Application Roster, Application Access, and Reclamation tasks, you are required to have the user_admin role. For details, refer to the Base System Roles section of the ServiceNow product documentation.
Creating a custom role with a reading permission specific to the tables used in the integration API
If you wish to have a custom role with a reading permission specific to the tables used in the integration API, then follow the steps below to create a custom role.
If you enable the Reclamation task, the user_admin role and the custom role are required.
To create a custom role with a reading permission specific to the tables used in the integration API:
- Log in to your ServiceNow instance as a security_admin or log in as a system administrator. Elevate your role by clicking System Administrator. Navigate to Elevate Roles and enable the security_admin check box, which enables this permission to edit the Access Control List.
- To create a custom role, navigate to the Roles tab by searching for the “
roles” keyword in the All Applications menu on the left side of the screen. Click the New button and enter the desired name for the role. Click Submit to create this new role. - In the All Application navigator, search for the “
Access Control” keyword. Click Access Control (ACL) to navigate to the Access Control tab. - In the Access Control tab, search for the access control keyword “
sys_user_has_role”. Click on the record with the read operation type, add the custom role created under the Requires Role section, and click Update. - Repeat the same steps for the “sys_user_role” Access Control record, add the custom role created to the Requires Role section, and click Update.
- In the Access Control tab, search for the access control keyword “
sysevent”. There will be two records with read operation.- Open the record type that does not contain the default entry of “
pa_data_collector“. - Add the custom role created under the Requires Role section.
- Click Update.
- Open the record type that does not contain the default entry of “
API endpoints with license differentiation
Application Roster
https://<<instance>>.service-now.com/api/now/stats/sys_user_has_role
https://<<instance>>.service-now.com/api/now/table/sys_user_has_role
Application Access
https://<<instance>>.service-now.com/api/now/stats/sysevent
https://<<instance>>.service-now.com/api/now/table/sysevent
Reclamation
https://<<instance>>.service-now.com/api/now/v2/table/sys_user_has_role/{sys_id}
API endpoints without license differentiation
Application Roster and Application Access
https://<<instance>>.service-now.com/api/now/stats/sys_user
https://<<instance>>.service-now.com/api/now/table/sys_user
Reclamation
https://<<instance>>.service-now.com/api/now/v2/table/sys_user/{sys_id}