← All demos DEMO REPORT · ENERGY

A ServiceNow ticket triggers policy validation, manager approval with pre-attached SOX / ISO 27001 reasoning, and simultaneous provisioning across AD, Azure AD, and the target application. LLM-generated work note. Auto-closed ticket. 28 screenshots.

Book a walkthrough →
Regisseur · Energy Vertical · Access Request Management

AI-Orchestrated Access Request Fulfilment

ServiceNow integration · Policy validation · Multi-system provisioning · Automatic ticket closure

6Workflow nodes
3AI agents
2Human gates
8MCP tools
28Screenshots
28/28Steps verified

Generated May 19, 2026 at 11:31 AM

Demo Scope (D-31 Honesty)

Integration

§0 — Webhook Intake

ServiceNow ticket arrives → Regisseur case auto-created, idempotent

§0a — Webhook configured: servicenow-inbound event source with visual pipeline editor 0a
§0a — Webhook configured: servicenow-inbound event source with visual pipeline editor

Settings → Integrations shows the servicenow-inbound event source configured with a visual routing pipeline. A ROUTE rule maps ServiceNow access request payloads to the Energy Access Request template. MAP rules extract the applicant name, ticket number, and department into job fields. No JSON editing required — the entire webhook pipeline is configured through visual step cards.

§0b — Case auto-created: REQ0002345 — Alice Chen appears in queue 0b
§0b — Case auto-created: REQ0002345 — Alice Chen appears in queue

ServiceNow ticket REQ0002345 arrived via outbound webhook. Regisseur auto-created case "REQ0002345 — Alice Chen (Access Request)" (intakeStatus: activated). No human action required — the ServiceNow ticket is now a structured Regisseur workflow visible in the active case queue. Employee: Alice Chen, EMP-9123, Field Operations, starting 2026-07-01.

§0c — Webhook case graph: energy-access-request-v1 instantiated 0c
§0c — Webhook case graph: energy-access-request-v1 instantiated

Workflow graph for webhook-created case REQ0002345 — Alice Chen. The energy-access-request-v1 process template was instantiated automatically from the ServiceNow JSON payload. 6 nodes configured: Request Intake → Policy Validation (AI) → Manager Approval → Access Provisioning (AI) → ServiceNow Writeback (AI) → Request Complete. Zero manual configuration — the template was bound to the webhook in Settings → Integrations.

§0d — Idempotency: duplicate ServiceNow webhook detected 0d
§0d — Idempotency: duplicate ServiceNow webhook detected

ServiceNow retry protection: the same ticket (Idempotency-Key: demo-alice-chen-17792081…) was sent a second time. Regisseur returned: duplicate=true, jobId=db44cba6-7349-4dc5-b671-7fcf4200a4fc. No duplicate case was created — enterprise-grade idempotency prevents double-processing even when ServiceNow's retry logic fires multiple times for the same ticket.

Platform

§1 — Control Center

The daily operating surface for the access management team

§1a — Workflow Control Center: daily operating surface 1a
§1a — Workflow Control Center: daily operating surface

Workflow Control Center — the daily operating surface for the access management team. Live queue metrics, active cases, and SLA indicators. The energy vertical is installed and the access-request workflow template is ready.

§1b — Active Case Queue: James Kowalski REQ0001234 visible 1b
§1b — Active Case Queue: James Kowalski REQ0001234 visible

Case queue shows the pre-seeded access request for James Kowalski (REQ0001234). The case is active and ready for the AI pipeline to begin. Priority 2 — High. Employee: EMP-4821, Field Engineer, Permian Basin.

Integration

§2 — Integration Blueprint

ServiceNow ITSM and access provisioning wired via MCP

§2a — Energy Package installed: ServiceNow + Access Provisioning 2a
§2a — Energy Package installed: ServiceNow + Access Provisioning

Energy — Access Request package is installed. Two mock integration servers registered: ServiceNow ITSM (port 39810) and multi-system access provisioning (port 39811). Eight MCP tools registered across the two servers.

§2b — MCP Server Registry: servicenow-mock + access-provisioning-mock 2b
§2b — MCP Server Registry: servicenow-mock + access-provisioning-mock

MCP server registry shows servicenow-mock (port 39810) and access-provisioning-mock (port 39811). Eight tools registered across the two servers: snow_get_request, snow_get_user, snow_add_work_note, snow_update_request_state, provision_ad_groups, provision_azure_role, provision_application_access, verify_access_granted.

§2c — Policy Validation Agent: graduated autonomy with ServiceNow MCP tools 2c
§2c — Policy Validation Agent: graduated autonomy with ServiceNow MCP tools

Policy Validation Agent: reads the ServiceNow ticket, fetches the requester's AD profile, then runs LLM reasoning against the SOX/ISO-27001 access control policy. Graduated autonomy — operator review enabled for high-risk decisions. Pipeline: read case data → snow_get_request → snow_get_user → llm_reasoning → write results.

Case

§3 — Active Case Overview

Pre-seeded REQ0001234 — James Kowalski ready for validation

§3a — Active Case: REQ0001234 — James Kowalski graph state 3a
§3a — Active Case: REQ0001234 — James Kowalski graph state

Active access request case: REQ0001234 for James Kowalski (Field Engineer, Permian Basin). Node 1 — Request Intake — is complete. Node 2 — Policy Validation — is eligible and queued for the AI agent. Graph state reflects direct-seeded initial conditions.

§3b — Case Record: structured intake data from ServiceNow fixture 3b
§3b — Case Record: structured intake data from ServiceNow fixture

Case Record tab shows the structured data from the intake form: employee profile (James Kowalski, EMP-4821, Field Engineer, Permian Basin TX), requested systems (PI System, SCADA Viewer, Corporate AD — Field Engineers), priority 2 — High, and business justification. All fields pulled from the ServiceNow fixture.

AI Agent

§4 — Policy Validation Agent

LLM validates SOX/ISO 27001 compliance via ServiceNow data

§4a — Policy Validation node: eligible, agent executor configured 4a
§4a — Policy Validation node: eligible, agent executor configured

Policy Validation node is eligible. Agent executor: energy-access-policy-validator. Graduated autonomy mode — pipeline reads the ServiceNow ticket, fetches the requester's AD profile, then runs LLM reasoning against SOX/ISO-27001 policy. Triggering execution...

§4b — Policy Validation agent triggered: pipeline starting 4b
§4b — Policy Validation agent triggered: pipeline starting

Policy Validation agent triggered (cascade re-fire: true). Pipeline executing: read case data → snow_get_request (ServiceNow ticket) → snow_get_user (AD profile) → llm_reasoning (SOX/ISO 27001 compliance check) → write results. This is a real pg-boss task running a real LLM call against mock MCP endpoints.

§4c — Policy Validation: pipeline trace with MCP tool calls 4c
§4c — Policy Validation: pipeline trace with MCP tool calls

Policy Validation complete (result: complete). Pipeline trace shows: read case data → snow_get_request (ServiceNow ticket fetched) → snow_get_user (AD profile retrieved) → LLM reasoning (SOX/ISO 27001 compliance check) → write results. Risk level and compliance decision written to case attributes. Graduated autonomy: agent task approved automatically (no compliance_flags triggered).

§4d — Case Record: policy_check_result, policy_check_notes, risk_level written 4d
§4d — Case Record: policy_check_result, policy_check_notes, risk_level written

Case attributes updated after Policy Validation Agent (result: complete): policy_check_result (compliance decision), policy_check_notes (validation reasoning), and risk_level (low | medium | high) written to case_attributes. These feed the manager approval UI in the next node. D-16: all writes via case_attributes.

Human Gate

§5 — Manager Approval

Human gate: on-call manager approves with full context

§5a — Manager Approval node activated after Policy Validation 5a
§5a — Manager Approval node activated after Policy Validation

Manager Approval node is now active. The on-call manager receives the case in their work queue with the policy validation result pre-populated (risk_level + policy_check_notes). For this demo, the manager approves inline via the API to maintain automated flow.

§5b — Manager Approval: reviewing policy check result, approving 5b
§5b — Manager Approval: reviewing policy check result, approving

Manager reviews the policy validation result (risk_level, policy_check_notes) and approves the access request. Approval note recorded: 'Approved — standard field engineer access, low risk per policy validation.' The case record shows all agent-written attributes alongside the human decision.

§5c — Manager Approval recorded: Access Provisioning agent queued 5c
§5c — Manager Approval recorded: Access Provisioning agent queued

Manager approval recorded (API result: true). Case cascade fires — Access Provisioning agent (energy-access-provisioning-agent) is now queued. Node 3 shows complete status. Node 4 — Access Provisioning — is now eligible.

AI Agent

§6 — Access Provisioning

4-tool provisioning pipeline: AD → Azure → PI System → SCADA

§6a — Access Provisioning node: eligible, agent executor ready 6a
§6a — Access Provisioning node: eligible, agent executor ready

Access Provisioning node is eligible. Agent: energy-access-provisioning-agent. Will execute 4 provisioning tools in sequence: provision_ad_groups → provision_azure_role → provision_application_access (PI System + SCADA Viewer) → verify_access_granted. Each tool simulates 400–800ms provisioning latency against the mock server.

§6b — Access Provisioning agent running: 4 tools executing 6b
§6b — Access Provisioning agent running: 4 tools executing

Access Provisioning agent executing (result: complete). Provisioning sequence: AD group enrollment (Corporate AD — Field Engineers) → Azure RBAC assignment (Reader, /field-ops) → PI System access (read) → SCADA Viewer access (read) → verification check. All tools call the access-provisioning-mock MCP server on port 39811.

§6c — Access Provisioning: pipeline trace showing all 4 tool calls 6c
§6c — Access Provisioning: pipeline trace showing all 4 tool calls

Access Provisioning complete (result: complete). Pipeline trace: provision_ad_groups (Corporate AD — Field Engineers, success) → provision_azure_role (Reader, /subscriptions/energy-prod/resourceGroups/field-ops, success) → provision_application_access (PI System, read, success) → provision_application_access (SCADA Viewer, read, success) → verify_access_granted (all 3 systems verified). case.access.provisioned = true written by pipeline. D-24: deterministic, auditable.

AI Agent

§7 — ServiceNow Writeback

LLM generates work note; ticket automatically closed

§7a — ServiceNow Writeback node: eligible after provisioning 7a
§7a — ServiceNow Writeback node: eligible after provisioning

ServiceNow Writeback agent is queued (n5 eligible). Agent generates a professional work note and closes the ticket. Always autonomous — no human review step required. Pipeline: read data → LLM generate work note → snow_add_work_note → snow_update_request_state → write.

§7b — ServiceNow Writeback node: do tab, agent configured 7b
§7b — ServiceNow Writeback node: do tab, agent configured

ServiceNow Writeback node do tab. Agent: energy-servicenow-writeback-agent. Always autonomous mode — no graduated review gate. Pipeline will call snow_add_work_note with an LLM-generated professional summary, then snow_update_request_state to close the ticket as 'fulfilled'.

§7c — ServiceNow Writeback: pipeline trace, ticket closed 7c
§7c — ServiceNow Writeback: pipeline trace, ticket closed

ServiceNow Writeback complete (result: complete). LLM generated a formal ServiceNow work note documenting: employee name, systems granted, approver, and timestamp. snow_add_work_note called (REQ0001234). snow_update_request_state set ticket to 'fulfilled'. case.request.snow_closed = true, case.notification.status = 'ticket_closed' written.

§7d — Workflow graph: 5 nodes complete, n6 eligible 7d
§7d — Workflow graph: 5 nodes complete, n6 eligible

Workflow graph final state (n5 result: complete): Request Intake (complete), Policy Validation (complete), Manager Approval (complete), Access Provisioning (complete), ServiceNow Writeback (complete). Node 6 — Request Complete — is now eligible for the final human confirmation.

Compliance

§8 — Audit Trail

SOX/ISO 27001 evidence generated as a natural byproduct

§8a — Case Record: all schema attributes populated post-execution 8a
§8a — Case Record: all schema attributes populated post-execution

Case Record Raw Attributes: all schema attributes written after full pipeline execution. Employee profile, requested systems, policy check result, risk level, provisioning results (ad_result, azure_result, app_result, scada_result, verification), notification status, and ServiceNow ticket state — all written and queryable. Every attribute has source_type, node_id, and actor identity provenance.

§8b — Audit Trail: every agent action and human decision timestamped 8b
§8b — Audit Trail: every agent action and human decision timestamped

Complete audit trail: every agent action, tool call, and human decision recorded with timestamps and actor identity. Events include: n1 HUMAN_STATUS_CHANGE (Request Intake complete), n2 AGENT_TASK_QUEUED + AGENT_TASK_COMPLETE (Policy Validation), n3 HUMAN_STATUS_CHANGE (Manager Approval), n4 AGENT_TASK_QUEUED + AGENT_TASK_COMPLETE (Access Provisioning), n5 AGENT_TASK_QUEUED + AGENT_TASK_COMPLETE (ServiceNow Writeback). SOX/ISO 27001 compliance evidence generated as a natural byproduct of the orchestration run.

§8c — End-to-end workflow complete 8c
§8c — End-to-end workflow complete

End-to-end: a ServiceNow access request received 2026-06-01, processed through policy validation, manager approval, multi-system provisioning, and automatic ticket closure — all orchestrated by Regisseur with a real LLM reasoning engine and mock integration layer. Total elapsed: from intake to ticket closure in under 5 minutes of automated orchestration.