Incorrect Token URL when setting up GitLab Spoke a...

My goal is to create and invoke GitLab commands via ServiceNow Actions using a GitLab Spoke. I am attempting to setup my GitLab Spoke (Connect to a GitLab application) in ServiceNow using the instructions found at:

Google: “servicenow.com” "GitLab Spoke"

The error comes when I attempt to get the OAuth Token here:

…while logged into ServiceNow as admin, attempt to test it by copy-and-pasting the Token URL {Get OAuth Token} into the browser, I authorize ServiceNow application within GitLab:

…, then this is displayed:

Questions:

1. Is there any insight why this is not working or where I could find the correct Token URL?

2. It is plausible that this may arise with OAuth when the endpoints cannot communicate due to security/networks issues. However, both ServiceNow and GitLab are accessible on the same domain and not www publicly accessible. Are the Mid-servers adequate to authenticate OAuth 2.0?

3. The instructions explicitly state that the “Send Credentials” within the ServiceNow Application Registry should be set to <In Request Body (From URL-Encoded)>.

…If I change the “Send Credentials” to <As Basic Authentication Header>, would the change allow me to use the mid-server and the credentials for the GitLab spoke to connect to our GitLab instance while not compromising security?

4. What is the best means of testing the connectivity of the GitLab spoke to GitLab using an outbound RESTful Authentication action from ServiceNow?

1,884 Views

9 REPLIES 9

Leave everything as outlined in the Docs' Setup Instructions - Register GitLab as OAuth Provider

https://docs.servicenow.com/bundle/sandiego-application-development/page/administer/integrationhub-store-spokes/task/setup-gitlab-spoke.html#register-gitlab-oauth

But, change the Redirect URL of the GitLab Spoke settings to:

http://<your_instance_ip>/oauth_redirect.do

Does it now pull the Token correctly?

This results from changing the redirect:

...And:

Apologies as I failed to also state that you need to update your GitLab Application Configuration to also reflect the same Callback/Redirect URL. Did you make those changes as well?

Here is a screenshot from my GitLab Application Settings -

We are working to build and configure the ServiceNow GitLab spoke. This will primarily be used to enable developers to create ServiceNow workflows to invoke GitLab pipelines, enable tokenized authentication, and manage branches, groups, issues, merge requests, projects, and sources code in GitLab.

When performing a test of the GitLab spoke, a secure https GitLab tokenized URL is generated. Our instance of GitLab is rejecting all https URLs, while our ServiceNow instance accepts both https and http. When the same tokenized URL is manually changed to http, copy-and-pasted into a browser, GitLab authorizes ServiceNow to access the GitLab account.

What are ways to re-configure the GitLab spoke to generate a http GitLab tokenized URL OR enable GitLab to accept http and https traffic?

Also, following this manual ServiceNow authorization to gain access to GitLab resources, and failure error is generated in the browser by the ServiceNow URL redirect that reads, "Gitlab Token Management table doesn't have any matching record. please follow documentation to create a record".

What is the root cause and possible ways to mitigate this error?

Refer to the attachments.

98 KB

112 KB

145 KB

Incorrect Token URL when setting up GitLab Spoke along with GitLab application