Multi-factor authentication for inbound REST

priisholm
Mega Expert

‎06-06-2017 06:53 AM

Hi !

Does anyone have some knowledge on the MFA for inbound REST?.. How does one interact with a system..

BR

Soren

0 Helpfuls
  • 5,384 Views
13 REPLIES 13

Rand889
Tera Contributor
In response to Brad Tilton

‎03-22-2023 06:14 AM

Updated link for Utah:  https://docs.servicenow.com/bundle/utah-api-reference/page/integrate/inbound-rest/concept/c_RESTAPI....

Multi-factor authentication for inbound REST

When multi-factor authentication is enabled for a user account, you must submit an MFA token with basic auth credentials when making REST requests as that user.

To send an MFA token with a REST request, append the token to the end of the user's password in the basic auth username:password string, such as joe.employee:password62161147. Encode the full string including the MFA token using base64 encoding, then send the encoded string in the Authorization header.

0 Helpfuls

Rand889
Tera Contributor
In response to Brad Tilton

‎03-22-2023 06:19 AM - edited ‎03-22-2023 06:20 AM

Looks like the link above is no longer working.  Link to Utah documentation:

https://docs.servicenow.com/bundle/utah-api-reference/page/integrate/inbound-rest/concept/c_RESTAPI....

`

Multi-factor authentication for inbound REST

When multi-factor authentication is enabled for a user account, you must submit an MFA token with basic auth credentials when making REST requests as that user.

To send an MFA token with a REST request, append the token to the end of the user's password in the basic auth username:password string, such as joe.employee:password62161147. Encode the full string including the MFA token using base64 encoding, then send the encoded string in the Authorization header.

0 Helpfuls

felladin
Tera Guru

‎06-07-2017 01:24 AM

Hello,



I am no expert on the subject, but you should try this:


Using OAuth 2.0 for Server to Server Applications   |   Google Identity Platform   |   Google Develo...



As you say, the system isn't an end user, so it needs another authentication. Not sure if above link will help you use the same authentication as your end users, most likely you will need to bypass that authentication all together, unless you are talking to a Google service.


yogesh15dd
Tera Guru

‎03-28-2018 12:23 AM

Hi,

 

Did you do this?

 

I have enabled MFA for my rest User account,problem is everytime we can't change the passcode from our third party hardcoded Rest call.

 

How you will give passcode for inbound rest call, when the  passcode keeps on changing ?

 

 

Thanks

0 Helpfuls

felladin
Tera Guru
In response to yogesh15dd

‎03-29-2018 12:34 PM

Hello,

 

I'm afraid I have not had time to implement it myself.

It should be possible to get a temporary token for each session; but that demands a way to automatically verify your credentials.

 

Please ask around for this; if I find a solution I will inform you as well.

 

With regards

Anton

0 Helpfuls