Merge pull request #111906 from nolavime/patch-15

adding new recommandation

Author: PRMerger7

articles/azure-monitor/platform/itsmc-connections.md

@@ -190,6 +190,18 @@ Ensure the following prerequisites are met:
     - [Set up OAuth for Istanbul](https://docs.servicenow.com/bundle/istanbul-platform-administration/page/administer/security/task/t_SettingUpOAuth.html)
     - [Set up OAuth for Helsinki](https://docs.servicenow.com/bundle/helsinki-platform-administration/page/administer/security/task/t_SettingUpOAuth.html)
     - [Set up OAuth for Geneva](https://docs.servicenow.com/bundle/geneva-servicenow-platform/page/administer/security/task/t_SettingUpOAuth.html)
+> [!NOTE]
+> As a part of the definition of the “Set up OAuth” we would recommend:
+> 1) **Update the refresh token lifespan to 90 days (7,776,000 seconds)**
+>    As a part of the [Set up OAuth](https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.servicenow.com%2Fbundle%2Fnewyork-platform-administration%2Fpage%2Fadminister%2Fsecurity%2Ftask%2Ft_SettingUpOAuth.html&data=02%7C01%7CNoga.Lavi%40microsoft.com%7C2c6812e429a549e71cdd08d7d1b148d8%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637208431696739125&sdata=Q7mF6Ej8MCupKaEJpabTM56EDZ1T8vFVyihhoM594aA%3D&reserved=0) in phase 2: [Create an endpoint for clients to access the instance](https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.servicenow.com%2Fbundle%2Fnewyork-platform-administration%2Fpage%2Fadminister%2Fsecurity%2Ftask%2Ft_CreateEndpointforExternalClients.html&data=02%7C01%7CNoga.Lavi%40microsoft.com%7C2c6812e429a549e71cdd08d7d1b148d8%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637208431696749123&sdata=hoAJHJAFgUeszYCX1Q%2FXr4N%2FAKiFcm5WV7mwR2UqeWA%3D&reserved=0) 
+>    After the definition of the endpoint, In ServiceNow blade search for System OAuth -> Application Registry select the name of the 	OAuth that was defined and update the field of “Refresh token Lifespan to 7,776,000.
+>    At the end click update.
+> 2)	**We recommend to establish an internal procedure to ensure the connection remains alive**
+>       According to the “Refresh Token Lifespan” to refresh the token. Please make sure to perform the following operations prior refresh token expected expiration time (Couple of days before the “Refresh Token Lifespan” expires we recommend):
+>       a.	[Complete a manual sync process for ITSM connector configuration](https://docs.microsoft.com/azure/azure-monitor/platform/itsmc-resync-servicenow) 
+>       b.	Revoke to the old refresh token as it is not recommended to keep old keys from for security reasons. 
+>               In ServiceNow blade search for “System OAuth” -> “Manage Tokens” and then select the old token from the list according to the OAuth name and expiration date.
+>               Click on “Revoke Access” -> “Revoke
 
 
 - Install the User App for Microsoft Log Analytics integration (ServiceNow app). [Learn more](https://store.servicenow.com/sn_appstore_store.do#!/store/application/ab0265b2dbd53200d36cdc50cf961980/1.0.1 ).