How to get access token by using OAuth configuration using client credentials to make Outbound call?

Go to solution
KM SN
Tera Expert

‎02-13-2025 05:51 AM - edited ‎02-13-2025 05:56 AM

When I click on Get OAuth token, I am getting OAuth flow successful and seeing access token in the OAuth Credentials but when I did same by going into the get token http method and testing the connection I am again getting the 401 error. I am not sure why this is happening?

 

If I want to leverage the access token produced by rest message how I need to get it for furthermore actions as I need to pass it as a header to make outbound call? 



R-1.png

R-2.png

R-3.png

0 Helpfuls
  • 4,992 Views
1 ACCEPTED SOLUTION

Go to solution
Rajesh Chopade1
Mega Sage
In response to KM SN

‎02-18-2025 06:10 AM

Create an OAuth Profile:

Navigate to: System OAuth > Application Registry. If you haven’t already created an OAuth Profile, you need to do so. This profile will store the OAuth credentials, such as the Client ID, Client Secret, and other authentication details.

 

OAuth provider details. (this info you can see when you going to create OAuth application registry)

  • Name: A unique name.
  • Client ID: Client ID of application registered in third-party OAuth server.
  • Client Secret: Client secret of application registered in third-party OAuth server.
  • Refresh Token Lifespan: Time in seconds the Refresh Token will be valid.
  • Authorization URL: OAuth Server's auth code flow endpoint. Required only for Authorization Code grant type.
  • Token URL: OAuth Server's token endpoint.
  • Token Revocation URL: OAuth Server's token revocation endpoint.
  • Redirect URL: OAuth callback endpoint. Leave it empty for auto-generation.

Attach the OAuth Profile to the REST Message:

Navigate to: System Web Services > Outbound > REST Message.
Either create a new REST Message or edit an existing one.
In the Authentication tab, under OAuth 2.0, select the OAuth Profile you created earlier. This links the REST message to the OAuth Profile, which will automatically handle token management for you.
Token Management: ServiceNow will automatically fetch, refresh, and append the access token to the Authorization header for all REST API calls made using this REST Message.

 

Using the REST Message in Scripts (Flow/BR/Script Include/Sjob): Once the OAuth Profile is linked to the REST Message, you can simply call the REST message from a Flow, Business Rule (BR), Script Include, or Scheduled Job.

You do not need to manually pass the Authorization header in your API calls anymore.

Also you can refer following links for same :
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0693451

 


https://www.servicenow.com/docs/de-DE/bundle/vancouver-api-reference/page/integrate/outbound-rest/ta...

 

View solution in original post

14 REPLIES 14

Go to solution
Rajesh Chopade1
Mega Sage

‎02-16-2025 10:22 PM

hi @KM SN 

A 401 error generally indicates that the authentication is failing. Although you've obtained an OAuth token in the OAuth Credentials, there may be issues with how the token is being used.

Ensure that the OAuth token is not expired and is being correctly passed as a Bearer token in the header.

Make sure you are including the Authorization: Bearer <token> header in all outbound REST calls.

 

I hope my answer helps you to resolve your issue, if yes please mark my answer helpful and correct.

thank you

Rajesh

 

 

Go to solution
KM SN
Tera Expert
In response to Rajesh Chopade1

‎02-17-2025 02:46 AM

Now I am getting 403 as the status code with message...
 {"error": {"code":"0x80072560","message":"The user is not a member of the organization."}}

0 Helpfuls

Go to solution
Rajesh Chopade1
Mega Sage
In response to KM SN

‎02-17-2025 06:29 AM

 

Ensure the correct API credentials are being used (OAuth token, username/password, etc.)

Verify that API permissions or roles are assigned to the user in the external system.

Test the user's access manually in the external system (or via Postman) to isolate the issue

Go to solution
KM SN
Tera Expert
In response to Rajesh Chopade1

‎02-17-2025 06:46 AM - edited ‎02-17-2025 06:47 AM

The OAuth client populates the client credentials in the request:

In Request Body (Form URL-Encoded)
Basic Authorization header
As Private Key JWT


do you have any idea how the first one works.? if you opt for 2nd, do we need to manually pass the authorization header when we are calling Rest message or is it handles automatically as I opted OAuth and its profile attached to it??

 

  • If I always need to pass manually whenever I call the Rest Message what is the need of attaching the OAuth Profile to Rest Message.? This something weird for me can you give me some insights?
0 Helpfuls

Go to solution
Rajesh Chopade1
Mega Sage
In response to KM SN

‎02-17-2025 11:17 PM

hi @KM SN 

Once you attach the OAuth Profile to the REST Message, ServiceNow will automatically manage the OAuth token for you, including:

 

  • Fetching the access token from the OAuth provider.
  • Refreshing the token when it expires (if the OAuth provider supports refresh tokens).
  • Including the token in the Authorization header for every REST call made using this REST Message.

 

  • You don’t need to manually pass the Authorization header in each API call. ServiceNow will handle that for you based on the OAuth Profile configuration.