- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2 weeks ago
Hi,
Is there a way to sending a REST request to the same instance that is making such request as the current user?
So, due to certain reasons I need to make a REST request from XXXX.service-now.com to XXXX.service-now.com. I can create a web service or internal integration users, create an authentication profile with its credentials and have the request use that profile.
However, the requested content may require different roles depending on the table that is being pulled, so I would like to simply use the requestor's permissions/session instead of giving the admin role to a web service user. Is this possible? I guess it is given that's what the REST API Explorer does, but I have not been able to find any information about how to do it.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2 weeks ago
I ended up making a script to pull the session token and session id, and authenticating using the cookie and x-usertoken headers.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2 weeks ago
When you use REST API explorer, you typically use to query the data from your own instance and you will have Web Services Admin or Admin role to access, so data retrieval works fine.
But even for REST API explorer, if you try to connect to different instance or third-party application, you need to pass basic auth credentials, OAUTH or other types of supported authentication in header before you can make the request.
If this helped to answer your query, please mark it helpful & accept the solution.
Thanks,
Bhuvan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2 weeks ago
I am not making a request to a different instance. I am trying to do what the REST API Explorer does: Make an internal call to the same instance using the requestor user's session/permissions.
I tried using Copilot to see what it came with, it provided the following code:
var user = gs.getUser();
var username = user.getUserName();
var sessionToken = gs.getSessionToken(); // Retrieves the current user's session token
var authHeader = "Basic " + GlideStringUtil.base64Encode(username + ":" + sessionToken);
So that I could then use authHeader as authorization header in the request object, like this:
request.setRequestHeader("Authorization", authHeader);
But that did not work. The response had a 401 code and the following message:
{"error":{"message":"User Not Authenticated","detail":"Required to provide Auth information"},"status":"failure"}
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2 weeks ago
this is not possible.
You will require an API user for this.
What if the transaction is done by multiple users then will you create those many API users?
Not a good practice.
This is not how API authentication works.
If my response helped please mark it correct and close the thread so that it benefits future readers.
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2 weeks ago
I think there is a misunderstanding. As I mentioned before, I have one single API user. I would like to not use and instead simply authenticate as the current user when the request is made. If user A is making the request, then the authentication should be done as user A, not as a web service user.
