401 - Invalid username/password combo using OAuth 2.0

Omkarbh1997
Tera Expert

‎06-27-2025 12:16 AM

Hi All,
We are currently implementing Single Sign-On (SSO) integration. Upon successful SSO authentication, user information is stored in the ServiceNow User table. During each login session, a unique token is generated by the external portal. This token is required to authenticate API requests using OAuth credentials in order to retrieve user-specific data from the external portal.

Since the token is dynamically generated with each login, it is essential to store this token securely within ServiceNow. The stored token will then be retrieved and used to make authenticated API calls to the external portal, ensuring seamless access to user data.

After I'm trying to get the users data from third party application using REST Message using GET Method. In that REST we have to use OAuth 2.0 authentication and authorization code, when we test it it shows the 401 error. I have attached all screenshots for your reference.

Screenshot (48)_LI.jpg

Screenshot (47)_LI.jpg

Thank You.

 

0 Helpfuls
  • 789 Views
5 REPLIES 5

pavani_paluri
Giga Guru

‎06-27-2025 12:47 AM

Hi Omkar,

If the token is generating for each user, where are you storing it, in a custom field or session variable.

Please validate scopes and client credentials in the external OAuth app and check the System logs --> HTTP logs for full request and response which helps in debugging.

 

Mark it helpful if this helps you to understand. Accept solution if this give you the answer you're looking for
Kind Regards,
Pavani P

0 Helpfuls

Omkarbh1997
Tera Expert
In response to pavani_paluri

‎06-27-2025 06:08 AM - edited ‎06-27-2025 06:52 AM

Hi @pavani_paluri 
Actually we are not generating/storing token, when the user login through SSO we have to use that user token and hit the APIs.
Can you please provide the code to automate getting 'access token' instead of clicking 'Get OAuth Token' each time the access token expires.
can you please explain how to get the user token in system without storing in any table.





0 Helpfuls

Muhammad Salar
Giga Sage

‎06-27-2025 05:36 AM

Hi @Omkarbh1997 
Are you sure access_token value in HTTP Headers will be written as Bearer {{eyjhb.... ?
I think it should be like this Bearer eyjhb..... 


0 Helpfuls

Muhammad Salar
Giga Sage
In response to Muhammad Salar

‎06-27-2025 10:28 AM - edited ‎06-27-2025 10:28 AM

Hi @Omkarbh1997 . have you tried changing access_token  Bearer value like this?

 

0 Helpfuls