How to bypass SSO for new integration using oAuth?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yesterday
The current instance has Okta SSO enabled. We are trying to enable a new integration using oAuth, but when the connection is happening SSO is getting triggered everytime.
This is a third-party with no access to the SSO directory, is there a way to bypass this to get the token authentication?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yesterday
Hello @AndresGT1,
If your organization hasn't disabled local login, you could try creating a local integration user instead. Create an OAuth API endpoint, then have the 3rd-party call https://<instance>.service-now.com/oauth_token.do using either grant_type=client_credentials (if enabled) or grant_type=password with that local user. Those token calls bypass Okta because they don’t go through the UI login page. If your SSO config is still forcing /oauth_token.do through Okta, your SSO admin needs to re-enable restricted local login for APIs.
Here is a link to the documentation that should help with any additional setup.
Hope this helps!
Sr. ServiceNow Developer | Infosys
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yesterday
Can you share more of your setup? Are you sure you are not using authorization code flow for your oauth which does require user interaction as the tokens are issued with delegated permissions, this would take you to okta to authenticate? Assuming okta is your auth app as well. What you might want is to use the client credentials flow.
