I want to get an access token automatically

Ereshkigal
Tera Contributor

‎06-19-2022 11:20 PM

Hi.

I'm investigating to integrate Google Calendar and ServiceNow.

The requirement is to connect with a service account key instead of the Outh 2.0 Client ID.

After some trial and error, I succeeded in getting an access token.

To get an Access token, you need to select "Get Outh Token", but it expires in 1 hour, so I feel it is a hassle.

To solve this,

  1. schedule this UI Action with a script
  2. gets a refresh token

Which is better?

Thank you!

find_real_file.png

Preview file
19 KB
Preview file
20 KB
0 Helpfuls
  • 1,096 Views
6 REPLIES 6

Ankur Bawiskar
Tera Patron
Tera Patron

‎06-19-2022 11:26 PM

Hi,

I would suggest this

1) when you perform your actual API call; just before this use the script to get the token

2) use that access token immediately in your API call

regards
Ankur

Regards,
Ankur
✨ Certified Technical Architect  ||  ✨ 9x ServiceNow MVP  ||  ✨ ServiceNow Community Leader
0 Helpfuls

Ereshkigal
Tera Contributor
In response to Ankur Bawiskar

‎06-20-2022 12:01 AM

Thank you for your reply.

In the above case, since programming knowledge is a beginner, we would appreciate it if you could cooperate with sample code.

Thank you!

0 Helpfuls

Ankur Bawiskar
Tera Patron
Tera Patron
In response to Ereshkigal

‎06-20-2022 12:29 AM

Hi,

here are few links which should help you get started

https://hi.service-now.com/kb_view.do?sysparm_article=KB0791131

https://community.servicenow.com/community?id=community_question&sys_id=135f64cedb3214d0b1b102d5ca96...

https://servicenowthink.wordpress.com/2020/05/15/how-to-authenticate-with-refresh_token-and-bearer-a...

Regards
Ankur

Regards,
Ankur
✨ Certified Technical Architect  ||  ✨ 9x ServiceNow MVP  ||  ✨ ServiceNow Community Leader
0 Helpfuls

Ereshkigal
Tera Contributor
In response to Ankur Bawiskar

‎06-20-2022 01:06 AM

Thank you for linking the materials.

I ran the following script based on the collaborative material.

background script

var tokenRequest = new sn_auth.GlideOAuthClientRequest();
tokenRequest.setGrantType("urn:ietf:params:oauth:grant-type:jwt-bearer");
tokenRequest.setRequestor("aa726f6e8704511006738517cebb3599");

var oAuthClient = new sn_auth.GlideOAuthClient();
//Google Calendar is Application Registy's Name.
var tokenResponse = oAuthClient.requestTokenByRequest("Google Calendar", tokenRequest);
var token = tokenResponse.getToken();
if (token) {
    gs.info("AccessToken:" + token.getAccessToken());
    gs.info("AccessTokenExpiresIn:" + token.getExpiresIn());
    gs.info("RefreshToken:" + token.getRefreshToken());
}

The result of Script is as follows.

Getting JWTProvider for jwtProviderSysId = 68f7cb6687c0511006738517cebb3541
Getting JWTProviderConfig for jwtProviderId = 68f7cb6687c0511006738517cebb3541
Started to generate JWT
Successfully generated JWT
loading trust store certificate code_signing_key_sandiego_publiccodesignver (pem)
loading trust store certificate ejbca_snc-high-assurance-pki-issuing-chain (pem)
loading trust store certificate ejbca_dcb3b7c0db5080588aea21c4059619d8_publickeywrap (der)
loading trust store certificate ejbca_dcb3b7c0db5080588aea21c4059619d8_publicsigver (der)
Access Denied to cryptographic module 'global.com_glide_certificates_glideencrypter': no thrown error
Access denied to crypto module
string may not be encrypted: Input length must be multiple of 8 when decrypting with padded cipher
loading trust store certificate code_signing_key_rome_publiccodesignver (pem)
loading trust store certificate InCommon_Meta_Signing (pem)
loading trust store certificate SAML 2.0 (pem)
Access Denied to cryptographic module 'global.com_glide_certificates_glideencrypter': no thrown error
Access denied to crypto module
string may not be encrypted: Input length must be multiple of 8 when decrypting with padded cipher
loading trust store certificate ejbca_snc-high-assurance-pki-root-chain (pem)
Certificate dcb3b7c0db5080588aea21c4059619d8vaultcredcert of Type pkcs12_key_store is NOT supported in cache!
Access Denied to cryptographic module 'global.com_glide_certificates_glideencrypter': no thrown error
Access denied to crypto module
string may not be encrypted: Input length must be multiple of 8 when decrypting with padded cipher
*** Script: AccessToken:ya29.c.b0AXv0zTO--1HnBdOr94lTG7Egpv5Jh6UqUpQuNFXxfHbJtT0xLdQ9QLGusUxt_eR9Y4JUy41s8PjIcHVUc8OyyPIUalbKBO6aM8PDXRflmk0AaQd6ie_JwetJBh17g-OEDEIYvJKFJX0Nq-YRAHt3Rn7Nd22XcGJZdUf86h_o1YKAAyd1RqKWEf-g__Lc2YNvZcYeL7nss2JVSbuupl2BEVsx4hiIeA.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
*** Script: AccessTokenExpiresIn:3599
*** Script: RefreshToken:null

The access token does not seem to be able to generate a refresh token.

Is there anything wrong with the above code or settings?

Thank you!

 

0 Helpfuls