How to generate Refresh token?

Ereshkigal · ‎06-17-2022

Hi.

I'm investigating to integrate Google Calendar and ServiceNow.

The requirement is to connect with a service account key instead of the Outh 2.0 Client ID.

After some trial and error, I succeeded in getting an access token.

However, since the access token is only valid for one hour, I think I need a refresh token.

I'm not very knowledgeable about generating refresh tokens, so could anyone please tell me?

Thank you!

REST Message：

Manage Token：

Log returned after clicking "Get Outh Token"：

The Application Registry etc. was created with reference to the following materials.

https://community.servicenow.com/community?id=community_article&sys_id=506d94d01b1ddc1017d162c4bd4bc...

Swarup Patra · ‎02-07-2024

To generate a refresh token in ServiceNow, you need to follow these steps:

1. Navigate to System OAuth > Application Registry.
2. Click New to create a new OAuth application.
3. Fill in the necessary details like Name, Client ID, Client Secret, etc.
4. In the "Refresh Token Lifespan" field, enter the lifespan of the refresh token in seconds.
5. Save the application.
6. Now, to generate the refresh token, you need to make an HTTP POST request to the ServiceNow OAuth token endpoint (https://.service-now.com/oauth_token.do).
7. The request should include the following parameters:
- grant_type: Set this to "password".
- client_id: The Client ID of your OAuth application.
- client_secret: The Client Secret of your OAuth application.
- username: The username of the ServiceNow user.
- password: The password of the ServiceNow user.
8. The response of this request will include an access token and a refresh token.
9. You can use the refresh token to get a new access token when the current one expires.

Please note that the refresh token is only provided if the "Refresh Token Lifespan" field in the OAuth application is set to a value greater than 0.

nowKB.com

Sandhya V · ‎09-16-2024

@Swarup Patra There is no Grant type with name "Password", am I missing anything?

NirbhayOO7 · ‎10-13-2024

Hi @Ereshkigal,

Hope this post help you, if yes mark this as helpful.

Please follow below steps to get both access and refresh token in google oauth.

Steps:

1. Go to Application Registry(oauth_entity) table.

2. Create and oauth entity profile, fill in the required details like:

Name, Client ID, Client Secret, Default Grant type, Refresh Token Lifespan, Token URL(Image attached for reference).

3. In google o auth you need to define OAuth Entity Scopes(this information you will get from google api documentation, which will define the scope of Google API you are using, image attached for reference).

4. Save this record, on saving this record an OAuth Entity Profile will be automatically created in the very same application registry record, open the OAuth Entity Profile and associate the OAuth Entity Scope which you have created in step 3.

5. Now the create a REST message and select this O Auth profile, which you have created in step 4.

6. And then click on Get Oauth token related link, fill in your google id and password and click next and continue.

7. Now after doing all this you will be able to get the access token, now to get the refresh token, you need to set the access_type to offline for the newly created application registry, to do this create an script include mentioned below.

var OAuthGoogle = Class.create();
OAuthGoogle.prototype = Object.extendsObject(global.OAuthUtil, {

    preprocessAuthCode: function(requestParamMap) {
        requestParamMap.put('access_type', 'offline');
        requestParamMap.put('prompt', 'consent');
    },

    type: 'OAuthGoogleIAMUtil'
});

8. Now go to Application Registry and open newly created oauth_entity profile and go to field OAuth API Script and select the newly created script include OAuthGoogle (see above attached image of oauth_entity profile).
9. Now go to REST message which you created first and now again generate the oauth token, this time both access and refresh token will be generated.