How to get Auth Token using script when grant type is Authorization code

Rizwan Shaikh · ‎11-19-2019

Hi All,

I have set up a REST Message outbound using OAuth 2.0.

Accordingly i have set up OAuth Profile

I am able to get the token access token using 'Get OAuth Token' link in REST Outbound. I want to implement this in script. I have been trying the following code.

var tokenRequest = new sn_auth.GlideOAuthClientRequest();
tokenRequest.setGrantType("authorization_code");

var oAuthClient = new sn_auth.GlideOAuthClient();
var tokenResponse = oAuthClient.requestTokenByRequest("Google Entity profiles", tokenRequest);
gs.info("Error:" + tokenResponse.getErrorMessage());

var token = tokenResponse.getToken(); 
gs.info("AccessToken:" + token.getAccessToken());
gs.info("AccessTokenExpiresIn:" + token.getExpiresIn());
gs.info("RefreshToken:" + token.getRefreshToken());

However it is not working. I am getting the following response

failed to find the oauth entity.
*** Script: Error:failed to find the oauth entity.
*** Script: AccessToken:null
*** Script: AccessTokenExpiresIn:0
*** Script: RefreshToken:null

Please can someone suggest the correct syntax to get Authorization code for grant type as authorization code. I can only find the syntax for grant type password nut not for authorization code.

Note: Grant type is not password.

Help is much appreciated. Thanks!

SN developer3 · ‎10-05-2021

Hi @Rizwan Shaikh ,

Where to check whether we recieved the token or not after clicking on "get oauth token" link?

Rasmita · ‎01-24-2020

Hi Rizwan,

Thank you for the information. It is been really helpful.

I created a scripted rest api as below with empty result.

https://instancename/api/tieoy/google/oauth_redirect

I am able to get the auth code using the above scripted service uri as redirect url.

Below is the example URL that gives me the authorization code.

https://accounts.google.com/o/oauth2/v2/auth?client_id=client_id&redirect_uri=https://instancename.service-now.com/api/tieoy/google/oauth_redirect&scope=https://www.googleapis.com/auth/admin.directory.device.mobile.readonly&response_type=code&access_type=offline

And now using the generated code in URL, I am able to get the token in background script.

However, now I want to understand how to consume the above URL in service now instance and generate the code. Because, when I tried to consume the URL in REST message , the response does not return code.

Please let me know how to achieve this.

Rizwan Shaikh · ‎01-29-2020

Hi Rasmita

Yes basically when the url is consumed in REST message it returns an html response which is basically the html code for consent screen.

Basically You dont need auth code everytime.

What you need is refresh token. The refresh token will refresh your access token everytime. You only need auth code once.

However if you want to get the auth code you will have to design a client side application like UI page or portal that will trigger the auth code url.

You can even create a Client side UI Action.

I hope this make sense

Thanks,
Rizwan

Please mark my answer correct and helpfull if it really helped.

CoffeeInMyVein · ‎02-08-2021

Hi,

it their anyway to get this thru scripting so we can generate the auth code once expired.automatically.

Knight Rider · ‎01-24-2020

Hi Rizwan,

In your OAuth provider, Did you populated OAUTH API Script field with "OAuthUtil" like below

Thanks,

-Vinay.