JWT token based authentication

Madhavi2
Tera Contributor

Hi All,

We are integrating ServiceNow with Oracle NetSuite.

They have provided the Postman script below and asked us to configure it as per ServiceNow.

 

var navigator = {}; // necessary as part of "eval" on jsrsasign lib
var window = {}; // necessary as part of "eval" on jsrsasign lib
eval(pm.globals.get("jsrsasign-js")); // grabbing jsrsasign lib, loaded in separate GET
const cryptojs = require('crypto-js'); // using crypto js for base64 encoding
// Create JWT header
var jwtHeader = {
    alg: 'PS256', // Using PS256, which is one of the algorithms NetSuite supports for client credentials
    typ: 'JWT',
    kid: '************' // Certificate Id on the client credentials mapping
};

let stringifiedJwtHeader = JSON.stringify(jwtHeader);

// Create JWT payload
let jwtPayload = {
    iss: pm.environment.get('CONSUMER_KEY'), // consumer key of integration record
    scope:  ['restlets','rest_webservices'], // scopes specified on integration record
    iat: (new Date() / 1000),               // timestamp in seconds
    exp: (new Date() / 1000) + 3600,        // timestamp in seconds, 1 hour later, which is max for expiration
};

console.log('jwtPayload', jwtPayload)

var stringifiedJwtPayload = JSON.stringify(jwtPayload);

// The secret is the private key of the certificate loaded into the client credentials mapping in NetSuite
let secret = pm.environment.get('CERTIFICATE_PRIVATE_KEY');
console.log('secret', secret)
let encodedSecret = cryptojs.enc.Base64.stringify(cryptojs.enc.Utf8.parse(secret)); // we need to base64 encode the key

// Sign the JWT with the PS256 algorithm (algorithm must match what is specified in JWT header).
// The JWT is signed using the jsrsasign lib (KJUR)
console.log('signedJWT', stringifiedJwtPayload)
try{
let signedJWT = KJUR.jws.JWS.sign('PS256',stringifiedJwtHeader,stringifiedJwtPayload,secret);
console.log('signedJWT', signedJWT)
// The signed JWT is the client assertion (encoded JWT) that is used to retrieve an access token
pm.collectionVariables.set('clientAssertion', signedJWT);

}catch(e){
    console.log('e', e)
}

We have uploaded the JKS certificate in ServiceNow and configured the JWT keys. I am trying with the ServiceNow script below. I am not getting a token. But when I validate that in Postman, the response is coming as "inavalid_token".

var jwtAPI = new sn_auth.GlideJWTAPI();
var headerJSON ={alg: 'PS256', typ: 'JWT',kid: '**********'};
var header = JSON.stringify(headerJSON);
var payloadJSON = { "iss": "client id","scope": ['restlets','rest_webservices'] ,"iat":"3600","exp":"3600","aud": "https://xxxxoracle.com"};
var payload = JSON.stringify(payloadJSON);

var jwtProviderSysId = "3af1c7111b920614570e7550cd4bcb78";
var jwt = jwtAPI.generateJWT(jwtProviderSysId,header, payload);

gs.info("JWT:" + jwt);

 

Please assist me with this. Am I missing anything in configuring the header and payload?

 

3 REPLIES

gucaspi
Tera Contributor

Hi, I'm facing the same issue. Did you succeed in integrating with NetSuite using JWT?

Kenny Wimberly
Tera Guru

Did you ever get this working?

Shanmugam2
Tera Contributor

Is your jwt_keystore_aliases keys table record configured with RSA256 or RSA512 in the Signing Algorithm?
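
An added example in Node.js (not code from this thread, NetSuite or ServiceNow): it decodes a client-assertion JWT and checks the points raised by the Postman script and by the last reply, namely an `alg` of PS256, `iat`/`exp` as numeric timestamps in seconds with a lifetime of at most 3600, and a signature that verifies as RSASSA-PSS. The key pair, `kid` and `iss` values are constructed placeholders, and `signJwt` and `inspectAssertion` are hypothetical helper names.

```javascript
const crypto = require('node:crypto');

const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
const decode = (part) => JSON.parse(Buffer.from(part, 'base64url').toString('utf8'));
// JWS PS256 = RSASSA-PSS with SHA-256 and a salt as long as the hash (32 bytes).
const pss = (key) => ({ key, padding: crypto.constants.RSA_PKCS1_PSS_PADDING, saltLength: 32 });

// Sign with PSS when the header says PS256, otherwise with PKCS#1 v1.5 (RS256).
function signJwt(header, payload, privateKey) {
  const input = `${b64url(header)}.${b64url(payload)}`;
  const key = header.alg === 'PS256' ? pss(privateKey) : privateKey;
  return `${input}.${crypto.sign('sha256', Buffer.from(input), key).toString('base64url')}`;
}

// Return a list of findings for a compact JWT; an empty list means every check passed.
function inspectAssertion(jwt, publicKey, nowSeconds) {
  const [h, p, s] = jwt.split('.');
  const header = decode(h), claims = decode(p), findings = [];
  if (header.alg !== 'PS256') findings.push(`alg is ${header.alg}, expected PS256`);
  for (const name of ['iat', 'exp']) {
    if (typeof claims[name] !== 'number') findings.push(`${name} is not a JSON number`);
  }
  if (typeof claims.iat === 'number' && typeof claims.exp === 'number') {
    if (claims.exp <= nowSeconds) findings.push('exp is in the past');
    if (claims.exp - claims.iat > 3600) findings.push('lifetime exceeds 3600 seconds');
  }
  const sigOk = crypto.verify('sha256', Buffer.from(`${h}.${p}`), pss(publicKey),
    Buffer.from(s, 'base64url'));
  if (!sigOk) findings.push('signature does not verify as PS256');
  return findings;
}

// Constructed sample data: throwaway key pair, placeholder kid and iss.
const { privateKey, publicKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const now = Math.floor(Date.now() / 1000);
const header = { alg: 'PS256', typ: 'JWT', kid: 'PLACEHOLDER_KID' };
const base = { iss: 'PLACEHOLDER_CONSUMER_KEY', scope: ['restlets', 'rest_webservices'] };
const good = signJwt(header, { ...base, iat: now, exp: now + 3600 }, privateKey);
const stringTimes = signJwt(header, { ...base, iat: '3600', exp: '3600' }, privateKey);
const rs256 = signJwt({ ...header, alg: 'RS256' }, { ...base, iat: now, exp: now + 3600 }, privateKey);

console.log('good       ', inspectAssertion(good, publicKey, now));
console.log('stringTimes', inspectAssertion(stringTimes, publicKey, now));
console.log('rs256      ', inspectAssertion(rs256, publicKey, now));
```

The same `inspectAssertion` checks can be run against a token printed by a script such as the `gs.info` line above, given the public key of the signing certificate.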