Publish any workflow, automation, or agent action as a governed catalog item any authorized team, agent, application, or pipeline can run. Every trigger mode routes through the same governed execution engine. Engineering stops being the bottleneck.
Self–service without governance is just ungoverned access. Itential separates consumption from execution – teams request operations through any interface they prefer, while the platform enforces RBAC, parameter validation, blast–radius controls, approval gates, and audit logging on every request. The same governed execution engine serves the NOC engineer clicking a portal, the CI/CD pipeline calling an API, the FlowAgent invoking a tool, and the AIOps platform firing an alert. Same policy. Same audit trail. Every time.
Every workflow, automation, and agent action built on the platform can be published as a governed catalog item. Each item carries its own RBAC controls – who can discover it, who can run it, and who can monitor the results – defined independently per item. Parameter validation ensures inputs are correct before anything runs. Blast–radius controls limit scope. Pre/post checks validate conditions before and confirm outcomes after.
Each catalog item defines access independently – discovery, execution, and monitoring permissions set separately per item, per team, per use case.
Every catalog item defines validated input parameters via JSON schema. Wrong inputs rejected before they reach the execution engine – no silent failures.
Define the maximum scope of any single execution – devices, geography, service tier. Executions exceeding defined boundaries require escalation before anything runs.
The self–service catalog isn’t just for human operators. Every catalog item is simultaneously a portal-accessible operation for NOC engineers, a REST API endpoint callable by CI/CD pipelines and external applications, an MCP tool invocable by FlowAgents and external AI systems, and a native ServiceNow operation requiring no custom integration code. One definition. One governance model. Every consumer routes through the same governed execution engine.
Every published catalog item automatically surfaces in ServiceNow – governed infrastructure workflows triggerable without leaving ServiceNow, with no custom integration code required.
Every catalog item exposed as a documented REST API endpoint with a defined schema – CI/CD pipelines and external systems call governed operations programmatically.
Every catalog item registered as a callable MCP tool – FlowAgents and external LLMs invoke governed operations with schema–validated, RBAC–enforced, blast–radius–controlled inputs.
Not every infrastructure operation should wait for a human to initiate it. The self–service catalog supports fully event–driven execution – Kafka event streams, AIOps alert webhooks, monitoring notifications, scheduled intervals, or any system that can call a REST API. Every event–triggered execution routes through the same governed engine – RBAC, blast–radius controls, HITL approval gates for high–severity events, and a complete audit trail. Routine operations close automatically. High–blast–radius events surface for human review.
Publish catalog items as consumers of Kafka topics – configuration change events trigger governed remediation workflows automatically, with pre/post validation and no human polling required.
Any AIOps platform or monitoring system can trigger governed catalog executions via webhook or REST API – alert context validated, right workflow executed automatically.
Routine events execute autonomously below configured thresholds. High–blast–radius or high–severity events surface for human review with full context before any action executes.
Every workflow, automation, and agent action executed through the platform is visible in Job Viewer, step-level, real-time, with full input/output capture throughout. When a workflow pauses for approval or a FlowAgent surfaces a recommendation, Work Center gives operators a focused queue of tasks awaiting input — full execution context per task, purpose-built task interfaces, no debugging-tool detour. For consumers who want plain-language access, any MCP-compatible LLM can connect to the live execution layer to query what’s running, what completed, what failed, and what changed. Every access path respects the same RBAC model.
Live step-level visibility for every running workflow – current step, input/output at each step, failure attributed to the exact step and input that caused it.
Operators see only the workflows and FlowAgent sessions awaiting their action, not the entire execution landscape. Quick Form task interfaces replace JSON Form workarounds. Every decision logged with full attribution.
Every execution contributes to time–saved tracking – actual vs. baseline manual process time, consumption analytics by team and use case, bottleneck identification at scale.
Whether a NOC engineer is provisioning a VLAN through the catalog portal, a CI/CD pipeline is calling a firewall workflow via API, or an AIOps platform is triggering closed–loop remediation, every operation executes the same way – governed workflows, validated inputs, and a complete audit trail. The consumer changes. The execution guarantees don’t.
A NOC engineer selects the VLAN provisioning workflow from the governed catalog, enters validated parameters, and submits. The platform validates inputs, checks blast–radius, provisions across every site via Itential Gateway, runs post–checks, updates the CMDB, and notifies the engineer – network engineering involvement: zero.
A CI/CD pipeline calls the governed firewall rule workflow via REST API – the platform validates the request against policy, routes it through the security team’s approval gate, executes the change, and returns a structured result to the pipeline. The developer never opened a ticket.
An AIOps platform detects a BGP anomaly and fires a webhook – the platform validates the input, evaluates blast–radius, runs the remediation workflow with pre/post checks, and updates the ITSM ticket with execution evidence. A connected LLM gives the on-call engineer a plain language summary of what happened and what was done – in under three minutes.
A ServiceNow change request triggers the governed multi–domain migration workflow – pre–checks validate state across every affected system, changes execute in parallel across network, cloud, and firewall domains, and the record closes with a complete audit trail. Total engineer involvement: change approval.
Rundeck and PagerDuty Runbook Automation are solid runbook execution platforms – they let operations teams trigger scripts and procedures through a web interface with basic RBAC. Where they fall short for enterprise infrastructure operations: they execute scripts, not orchestrated multi–domain workflows. There’s no native multi–step orchestration across network devices, cloud APIs, ITSM systems, and IT platforms in a single governed execution path. There’s no pre/post validation, no blast–radius controls, and no HITL approval gates built into the execution model. There’s no event–driven closed–loop model connecting AIOps detection to governed remediation. And there’s no AI–native capability – FlowAgents calling catalog items as tools, FlowOps querying execution state in plain language, and incident resolution without human relay are not patterns Rundeck supports. Itential’s self–service catalog is the governed consumption layer above a full orchestration engine – not a script runner with a UI.
Internal developer portals like Backstage are excellent at surfacing APIs, documentation, and service catalog metadata – they give developers visibility into what’s available and let them initiate requests. The gap is always execution: Backstage knows what’s in the catalog and can route a request, but the actual infrastructure execution – the governed multi–domain workflow that provisions the resource, validates the outcome, updates the CMDB, and closes the ticket – requires a separate execution layer. Itential is that execution layer. Backstage can surface Itential catalog items as developer–facing operations – the developer clicks in Backstage, the request routes to Itential’s governed execution engine, the workflow executes with full validation and audit trail, and the result returns to Backstage. The portal provides the interface. Itential provides the governed execution.
Most RBAC models for self–service tools are binary – you either have access to something or you don’t. Itential’s catalog RBAC model is granular and independent per catalog item: who can discover the item, who can execute it, and who can monitor the execution results are all set independently. A developer can discover that a firewall workflow exists and monitor their own execution results without being able to run workflows that affect other teams’ infrastructure. An operations team can run a compliance check without seeing the parameters or results of a provisioning workflow they didn’t trigger. And every access decision is enforced by the governed execution engine – not just the UI – so API calls, pipeline triggers, and agent invocations respect the same RBAC model as browser–based catalog access.
A monitoring dashboard shows infrastructure state as captured by polling intervals or event streams – a view into telemetry and configuration data updated on a schedule. A CMDB query returns records accurate as of the last sync. FlowOps queries the platform’s live execution layer – what’s actually executing right now, what completed in the last N minutes, what failed and at which step, what agent actions are in progress, what approval gates are pending. It’s a natural language interface to the execution state of every governed operation running on the platform, enforcing the same RBAC as every other access path. The answer reflects what’s actually happening – not what a dashboard last computed.
Any system that can send a webhook, call a REST API, or produce a Kafka event can trigger governed catalog executions. The trigger carries structured inputs – device identifier, event type, severity, contextual metadata – which the platform validates against the catalog item’s defined input schema before execution begins. If inputs are valid and blast–radius is within configured limits, the workflow executes immediately. If blast–radius thresholds are exceeded or severity requires human review, the execution is queued for HITL approval with full event context presented to the approver. Every event–triggered execution produces the same complete audit trail as any human–initiated operation – trigger source, inputs received, validation results, execution path, and outcome.
Yes – every catalog item is automatically registered as a callable MCP tool through the Itential MCP Server and included in the FlowAgent tool library. A FlowAgent reasons through a goal, determines which catalog operations are needed, and calls them with structured inputs – exactly as a human would initiate them through the portal, but programmatically and at machine speed. External AI systems and LLMs access catalog items through the Itential MCP Server – schema–validated, RBAC–enforced, blast–radius controlled, and audited before anything executes. The catalog becomes the governed interface between AI systems and infrastructure operations – agents get access to exactly what they’re authorized to run and nothing else.
See how the self–service catalog, event–driven closed–loop execution, and FlowOps give every consumer the infrastructure operations they need – on-demand, governed by default, and visible in real time.