Developer Accounts: Are there any OAuth Client limitations?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-09-2023 08:58 AM - edited 10-10-2023 07:16 AM
Hello, I have a developer account.
The goal of my development is the integration of ServiceNow REST API into my product's service, and it requires multiple ServiceNow OAuth clients, one per my service's deployment environment.
My product's service will have a different base URL per deployment environment, thereby, a different redirect_uri per deployment. Example for redirect_uri:
1. LOCAL: http:/localhost/oauth/callback
2. DEMO: https://demo.services.example.net/oauth/callback
3. PROD: https://services.example.com/oauth/callback
In this example, since I have three redirect_uri callbacks, ServiceNow requires an OAuth client for each, and each has been setup exactly the same: Account, Active, "All Application scopes", Not Public. Only difference is redirect_uri.
A. OAUTH-CLIENT-A-LOCAL
B. OAUTH-CLIENT-B-DEMO
C. OAUTH-CLIENT-C-PROD
During test of these three OAuth Clients:
- OAUTH-CLIENT-A-LOCAL works in LOCAL deployment
- OAUTH-CLIENT-B-DEMO works in DEMO deployment
- OAUTH-CLIENT-C-PROD passes OAuth 1st phase but fails with 2nd phase (403)
I found this odd.
To diagnosis, I switched around redirect_uris for each of the three OAuth Clients:
- For all three OAuth Clients if provided with LOCAL redirect_uri, they would successfully complete OAuth.
- However, only one OAuth Client can successfully complete OAuth if switched with any of the three redirect_uri(s). Be it LOCAL, DEMO, and PROD.
I found that only OAUTH-CLIENT-B-DEMO, if switched with any of the three redirect_uris (LOCAL, DEMO, PROD), will work with all the deployments.
What is happening?
How do I resolve? I need a separate OAuth client per deployment environment DEMO and PROD.
Thank you
