
Can a REST message using OAuth be told to execute as a particular user account from ServiceNow?

Kumar38
Kilo Sage

We have an integration that uses OAuth and is working as expected. I assume the REST call is being executed as admin / me. The system that I'm connecting to has some roles assigned for me. Eventually we would like to move to a system account (NUID).

Is this possible for OAuth type REST messages? I am not sure if I am understanding the process right.

2 REPLIES

Cuong Phan
Kilo Sage

Hi 

 

In ServiceNow, you can set up a REST Message that is triggered by a specific user using OAuth authentication. OAuth is a secure way to grant third-party applications limited access to your resources without sharing your credentials. Here's how you can achieve this:

  1. Create OAuth Credentials:

    • Log in to your ServiceNow instance as an administrator.
    • Navigate to "System OAuth > Application Registry."
    • Create a new OAuth application to represent the third-party application that will trigger the REST Message. Configure the appropriate settings and note down the OAuth client ID and secret.
  2. Configure REST Message:

    • Navigate to "System Web Services > Outbound > REST Messages."
    • Create or edit the REST Message you want to trigger.
    • In the Authentication section of the REST Message, choose OAuth 2.0 as the authentication type.
    • Enter the OAuth client ID and secret you obtained from the OAuth application.
  3. Create Script Include:

    • If necessary, create a Script Include to handle the OAuth token retrieval and attachment to the REST Message request. This Script Include will use the OAuth client credentials to obtain an access token.
  4. Edit the REST Message Script:

    • In the REST Message configuration, you can define the appropriate endpoint, headers, and other settings.
    • In the "Script" section of the REST Message, you can use the Script Include created in the previous step to retrieve the OAuth token and attach it to the REST request headers.
  5. Trigger REST Message by a Specific User:

    • In your application logic, you can use server-side scripting (Business Rules, Scheduled Jobs, etc.) to trigger the REST Message on behalf of a specific user.
    • Before triggering the REST Message, make sure to impersonate the desired user using the appropriate GlideUser methods, so that the REST Message is executed with the correct user's permissions.


Regards,
Cuong Phan
ServiceNow Technical Lead

Thanks for the response. Whenever I do impersonation in a script include that calls the REST message, the system logs out. This is important because I need to submit the form with the values returned from the REST call.
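One way to check which account an OAuth-authenticated REST call will run as on the remote system, before moving from a personal account to a system account, is to inspect the access token's claims. This is an added example, not code from the thread or from ServiceNow; it assumes the remote authorization server issues JWT access tokens in the RFC 9068 layout (`sub`, `client_id`, `exp`), and the helper names and sample tokens are constructed for illustration.

```javascript
// Added example (not ServiceNow code). Assumes JWT access tokens per RFC 9068;
// opaque tokens cannot be read this way. Diagnostic only: the signature is NOT
// verified, so never base an authorization decision on this output.

function decodePayload(segment) {
  // JWT segments are base64url JSON; Node's base64 decoder accepts that alphabet.
  return JSON.parse(Buffer.from(segment, 'base64').toString('utf8'));
}

// Hypothetical helper: report which principal the token represents.
function describeTokenIdentity(accessToken, nowSeconds) {
  const parts = String(accessToken).split('.');
  if (parts.length !== 3) return { readable: false, reason: 'not a JWT (opaque token?)' };
  let claims;
  try {
    claims = decodePayload(parts[1]);
  } catch (e) {
    return { readable: false, reason: 'payload is not base64url JSON' };
  }
  if (claims === null || typeof claims !== 'object') {
    return { readable: false, reason: 'payload is not a claims object' };
  }
  // RFC 9068: with no resource owner involved (client credentials grant),
  // "sub" should identify the client itself rather than a person.
  const isClient = claims.sub !== undefined && claims.sub === claims.client_id;
  return {
    readable: true,
    actsAs: isClient ? 'client' : 'user',
    subject: claims.sub,
    clientId: claims.client_id,
    expired: typeof claims.exp === 'number' && claims.exp <= nowSeconds,
  };
}

// Constructed sample tokens: made-up identifiers, placeholder signature.
function makeSampleToken(claims) {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return [enc({ alg: 'RS256', typ: 'at+jwt' }), enc(claims), 'sig-placeholder'].join('.');
}

const personalToken = makeSampleToken({ sub: 'jane.doe', client_id: 'snow-integration', exp: 2000 });
const systemToken = makeSampleToken({ sub: 'snow-integration', client_id: 'snow-integration', exp: 2000 });

console.log(describeTokenIdentity(personalToken, 1000)); // token tied to a person
console.log(describeTokenIdentity(systemToken, 1000));   // token tied to the client itself
```

A token whose subject is a named person means the remote system applies that person's roles to the call, whatever user triggered it on the calling side.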