Facing issues in Certificate Based Authentication/Mutual Authentication setup
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-05-2025 02:26 AM
Hi everyone,
I’m in the process of setting up Mutual Authentication for ServiceNow REST APIs using client certificates, and facing some issues on that. I’d appreciate some guidance on whether I’m missing anything.
What I’ve Done So Far:
I followed the steps outlined in the official documentation:
Set up Mutual Authentication – ServiceNow Docs
Specifically, I’ve completed the following:
Activated the com.glide.auth.mutual plugin (Certificate-based authentication).
Verified that the instance uses ADCv2 Load Balancer.
Uploaded the CA Certificate under CA Certificate Chain (PEM format, marked active).
Uploaded the Client Certificate and mapped it to the respective user under User to Certificate Mapping.
Verified all fields (Issuer, Subject, Valid from, etc.) were populated on upload.
Enabled all required Certificate-Based Authentication properties, including:
Enable certificate based authentication: true
Other UI-related options left disabled since this is for API access only.
Made API calls (via curl and Postman) with:
Client certificate
Private key
Base URL targeting the REST endpoint
- Response to the API Call:
Status Code: 401
{'error': {'message': 'User Not Authenticated', 'detail': 'Required to provide Auth information'}, 'status': 'failure'}
My Question:
Is there any other configuration needed (either in ServiceNow or client-side) to successfully use mutual authentication for inbound web service/API requests?
I’m not seeing successful responses from the instance, and I’m unsure if it’s due to missing config, cert mismatch, or something else like IP whitelisting or logging/debugging options.
Any pointers or additional steps you’d recommend for troubleshooting or completing the mutual auth setup would be really appreciated!
Thanks in advance.
