Google as Oauth provider

Community Alums
Not applicable

‎05-18-2017 11:47 PM

Hi Everyone!! I have set up the same steps which are given   in the product documentation

OAuth 2.0 tutorial - configure the Google service as an OAuth provider

OAuth 2.0 tutorial - create an OAuth provider and profile

OAuth 2.0 tutorial - create a REST message

I am able to do configuring google as Service Provider ,setting a Oauth provider in ServiceNow   and create a REST Message. But when i am testing the outbound REST message in Servicenow . I am getting 401 Client Error. I have followed exact steps described in the product documentation. any idea why this error?

Labels:
0 Helpfuls
  • 1,373 Views
5 REPLIES 5

josh_nerius
ServiceNow Employee
ServiceNow Employee

‎05-19-2017 04:12 PM

Hello,



On step 8 - "Get OAuth Token", do you encounter any errors? After getting the OAuth token, do you see the corresponding token in the oauth_credential table? Are you doing this in a company provided instance or a Personal Developer Instance? If it's a Personal instance, I'd be happy to take a look at the REST Message configuration for you.


0 Helpfuls

Community Alums
Not applicable
In response to josh_nerius

‎05-21-2017 11:14 PM

Hi,


I didn't encounter any error on step 8 . I am able to see the corresponding token in the oauth_credential table.


Please find the rest message configuration for me.


find_real_file.png


find_real_file.png


find_real_file.png


find_real_file.png


Preview file
33 KB
Preview file
35 KB
Preview file
32 KB
Preview file
25 KB
0 Helpfuls

Community Alums
Not applicable
In response to Community Alums

‎05-21-2017 11:17 PM

I am trying to make the above configurations work since we have similar kind of requirement. I want access Servicenow Rest API through users which can be authenticated only through SSO, since we don't store authentication information (user password) in Servicenow. Currently Servicenow supports only two methods for authenticating REST API Basic auth or OAuth and both need user's password to be there in Servicenow system. Since we don't have password of user what I am looking at is some way by which I can validate the user against SSO (Using saml or any other method) and create an actual user session in SN.


0 Helpfuls

josh_nerius
ServiceNow Employee
ServiceNow Employee
In response to Community Alums

‎05-22-2017 07:05 PM

If i understand correctly this scenario is using OAuth in the opposite direction - inbound to ServiceNow instead of outbound to another API. Is this correct?



Starting with the Istanbul release of ServiceNow, you can use Auth Code Grant Flow to authorize inbound API calls and this is compatible with SSO. Because Auth Code Grant Flow is redirect based, any redirects that involve your SSO provider will also be followed. I wrote two blog posts that discuss how to configure this - these may help.



Inbound OAuth Auth Code Grant Flow Part 1 - Getting Started with Postman


Inbound OAuth Auth Code Grant Flow Part 2 - Using OAuth and Passport.js in a Node.js/Express Web App


0 Helpfuls