Outbound REST message to Google Chat API returns an error

Lakpriya Premas · ‎01-22-2022

Hi All,

I'm new to ServiceNow and I do not possess any knowledge of coding.
I want to send an outbound REST message to Google Chat whenever a P1, P2, and P3 case is created.

I have followed the document https://docs.servicenow.com/bundle/rome-servicenow-platform/page/administer/integrationhub-store-spokes/task/setup-g-hangouts.html and created below,

From ServiceNow end,
Connection Alias, Credentials, Connection, System OAuth Application Registry. Enabled all the possible scopes under Application Registry/ OAuth Entity Scopes for testing purposes.

From Google End,
A New Project, Enabled and configured Google Chat API, Created a Service Account. Enabled all the possible scopes under App Registration.

Test Case,
Created an Action on Flow Designer with a REST API Get method to call https://chat.googleapis.com/v1/spaces for testing purposes to check the status of the connection.

Result,
Problem 01 - OAuth token releases but is only available for exact 60 minutes.

Problem 02 - REST Action Return an Error,

"error": {
    "code": 403,
    "message": "Request had insufficient authentication scopes.",
    "status": "PERMISSION_DENIED",
    "details": [
      {
        "@type": "type.googleapis.com/google.rpc.ErrorInfo",
        "reason": "ACCESS_TOKEN_SCOPE_INSUFFICIENT",
        "domain": "googleapis.com",
        "metadata": {
          "service": "chat.googleapis.com",
          "method": "google.chat.v1.ChatService.ListSpaces"

I have tried all the possible solutions related to the error and still no luck.

Many thanks if someone can help.

Maximilian Was1 · ‎02-01-2022

Hi,

there is an issue in Google Chat API. This is not related to ServiceNow.

As you can read here: Google Chat REST API Docs you should define the OAUTH2 scope to "https://www.googleapis.com/auth/chat.bot" but if you take a look at the oauth2 scope definitions for google OAuth 2.0 Scopes for Google APIs there is no scope for chat.

Solution

Use a Bot with a incomming webhook insted.

Create a Webhook in Google Chat and save the generated URL which looks like: https://chat.googleapis.com/v1/spaces/AAAAXXXXXX/messages?key=XXXXXXX&token=XXXXXXX

You can use a POST request to send a Card like this:

Create a Rest Message in ServiceNow

Add a Body:

{
    "cards": [
        {
            "sections": [
                {
                    "widgets": [
                        {
                            "keyValue": {
                                "topLabel": "${top_label}",
                                "content": "${content}",
                                "contentMultiline": "true",
                                "bottomLabel": "${bottom_label}",
                                "onClick": {
                                     "openLink": {
                                        "url": "${url}"
                                     }
                                 },
                                "icon": "${icon}",
                                "button": {
                                    "textButton": {
                                       "text": "${button_text}",
                                       "onClick": {
                                           "openLink": {
                                                "url": "${button_url}"
                                            }
                                        }
                                      }
                                 }
                             }
                        }
                    ]
                }
            ]
        }
    ]
}

Auto-generate variables and set some test values.

Now you can save and test it.

Create a FLOW Action

Create a Flow and use the Action

View solution in original post

MattiasJonsson · ‎01-24-2022

According to https://developers.google.com/chat/api/reference/rest/v1/spaces/list it looks like you need the "https://www.googleapis.com/auth/chat.bot" scope added to you oauth profile.

Please confirm you've added specifically this scope.

And then, also selected it in the Profile

If helpful or correct, please indicate so!

Lakpriya Premas · ‎01-24-2022

Hi Mattias,

Yes. I have added both https://www.googleapis.com/auth/chat & https://www.googleapis.com/auth/chat.bot scopes and selected them on the profile as well.

But still no luck and even though this chat.bot scope is mentioned in google docs. It is not accepted as a valid scope in Google API console from the Google end.

Very much appreciate your support on this.
Thank you.

Maik Skoddow · ‎01-24-2022

Hi

please check the page https://developers.google.com/identity/protocols/oauth2

There are really helpful hints to make your OAuth based authentication work. Also the the topic "scopes" is covered there.

Kind regards
Maik

Lakpriya Premas · ‎01-24-2022

Hi Maik,

Thank you for reaching out. I have followed the mentioned document and configured below steps.

OAuth configuration is complete by following this doc from ServiceNow.
https://docs.servicenow.com/bundle/rome-servicenow-platform/page/administer/integrationhub-store-spokes/task/setup-g-hangouts.html

As per the shared page by you, I was managed to create a OAuth 2.0 Client ID and a Service Account as well.

But as I mentioned in my initial email "Insufficient Scopes" error with Method failed: (/v1/spaces) with code: 401 - Invalid username/password combo is all i have as the result.

I was wondering whether i have to follow the service account with JWT key for this? I do not know.

So far OAuth 2.0 Client ID/ Secret configured token fails to get the job done.

Thanks.