How to share access token with multiple users
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-02-2022 11:07 AM
Hi All,
In a scoped application, I am connecting with Third Party APIs using access token. The access tokens are generated by consuming the servicenow oauth2.0 methods.
I would like to maintain one access token and one refresh token in the environment which can be used by any user. Similarly when the access token and refresh token has expired, new tokens can be generated by any user.
Currently when I am generating an access token, it can be consumed only by that specific user and admin role. However, it cannot be consumed by any other user.
Any information will be really helpful. Thanks in Advance.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-02-2022 11:48 PM
Hi
unfortunately it is not really whether the connection is inbound or outbound.
But in any case, you always communicate with externals via REST message (outbound) or Scripted REST APIs (inbound). If you want to enable more than one user to use that communication relation, you have to implement an abstraction layer (for example a Script Include) which handles the communication and can be used by any user.
And to answer your question: No it is not possible to share refresh tokens. If that were possible, the whole OAuth concept would be pointless.
Maik
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-03-2022 10:20 PM
Hi Maik,
Thank you so much for the response. I have script include to call the Rest Message. The reason I was asking for sharing the tokens is that the credentials (username and password) along with client details used to connect to the third party provider is going to be the same for all users.
Also, if I generate the tokens using a scheduler...will the other users be able to access it as the tokens will be created by "system"
Thanks,
Subramani
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-03-2022 10:27 PM
Hi
yes, this is the nature of system-to-system communication - for example for requesting data from external providers.
A completely different scenario, you would have if the external provider requires that each request has to be done with a dedicated user account. Implementation of such a scenario is more complex and cannot be answered in a simple Community question.
Maik
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-04-2022 07:13 PM
