Google API

pathat · ‎02-03-2016

Hello.

Has anybody experiment or developed a workflow in ServiceNow that calls out to Google using the Google APIs? I'm interested in hearing about your experiences and lessons learned.

I am interested in managing users in my Google domain via the Google Directory API.

Emil4 · ‎04-25-2017

Hi Tom,

The reason is in Get OAuth Token UI Script.

Please see picture below:

As you can see, grantType value in condition is different to value in error message that you have got.

I can explain this if we look into OAuth Profile form design:

So, in UI script choice value used in condition instead retrieved choice label.

Once you make changes there, all will work well.

robertmaxwell · ‎03-15-2017

My company uses google as our email provider.

I'm currently setting up an integration for an automated onboarding app.

My intention is to use a service account within the Google system that SN will use to authenticate and communicate server to server.

I will post my solution when I get it it nutted.

brantgluth · ‎04-03-2017

I am working on a similar setup for onboarding with our system. I've got the AD cloning working, Ofifce365 scoped out, now I'm working on the Google myself. I've got the OAuth working with ServiceNow, but am currently struggling with configuring the REST in SNow. If I come up with anything useful, I'll try to post to this thread as well.

Robert Beeman · ‎05-04-2017

Hi robertmaxwell and brantgluth ,

I'm looking to set up a Google service account with 'G Suite Domain-wide Delegation' as well.

I was able to get an Oauth token, and a HTTP 200 on my GET, following this guide Outbound REST with OAuth 2.0 profile tutorial - integrating with Google Contacts API, but the service account is a different animal.

The service account requires a signed JWT with a P12 or JSON private key instead of the shared secret. This was easy to set up in Google, but I'm not sure how to configure ServiceNow to utilize it. I'm hoping this is supported out of box. Did you have any progress?

brantgluth · ‎05-05-2017

I did a bit of digging, and for setting up service accounts for Google

Administration, I hit a big airy wall of nothing for suggestions. The

current route (which may be overkill) that I'm building is as follows:

1. Wrap the Google .NET Api into a custom web service I host internal to my

network. This web service will have the required certs and authentication

built into it to make the calls to Google.

2. use orchestration to make REST calls from within my custom activity to

my web service and handle responses for the workflow.

As of this typing, I have the dll I wrote successful checking for account

existence, creating accounts, resetting passwords, disabling accounts and

assigning users to Org units. I started building the Web API web service

yesterday, and am hoping to tie the dll in today and be testing it early

next week.

I was hoping that it would be something that would be easier to integrate

with Orchestration (and it may yet be, I just haven't found it) but setting

it up as a service account so that there'd be no user interaction for Oauth

tied me me up for too long. So I decided to roll my own so I could move

past the google and finish our onboarding app by getting this and Office365

integrated with our AD provisioning too that I built up.

The advantage of rolling my own web service is I can send and receive

anything I like for logging and provisioning as well as expand

functionality as we move forward. I've ended up doing the same with

powershell to roll my own AD management activities to reduce workflow steps

and get around some limitations I found with the out of the box

Orchestraton components.

On Thu, May 4, 2017 at 9:47 AM, rbeeman <community-no-reply@servicenow.com>