Reference:
Authorization code flow example: ServiceNow instance as authorization server
Per the reference
One instance uses a REST call to request tokens from another instance.
Is this stating that one ServiceNow instance's OAuth can authenticate ServiceNow clients to access their ServiceNow instances (which may or may not be a different instance)?
In typical implementations of OAuth (Google, Dropbox, Box, Microsoft, Salesforce, DocuSign, HubSpot, etc.), OAuth URLs (authentication, token, and profile) do not have a variable (for example, ServiceNow's instance id) as part of the URLs subdomain.
If this is true, then this would be great!
This would be a follow-up need:
ServiceNow OAuth: User/Instance Profile Info endpoint? All services with OAuth support do.
