Need guidance on updating the email account table for automatic OAuth token refresh via Slack integr

Sathwik1 · ‎12-30-2025

I’m currently working on setting up OAuth authentication with automatic token renewal using the scheduled job “Refresh Email Access Token.”

From my understanding, this scheduled job requires a corresponding record in the Email Account table in order to run successfully. Since we also have Slack integration in place, could someone please clarify what specific fields or details need to be populated in the Email Account table to ensure that access tokens are refreshed automatically?

Additionally, are there any extra steps, configuration requirements, or best practices I should be aware of to ensure this setup works reliably?

and also I here that, if we use OOB Spoke, then servicenow only updates it automatically.. here we are use OOB Spoke for slack.. so is it expected to work?

@Ankur Bawiskar

Matthew_13 · ‎01-01-2026

Here’s a short, practical version:

Check the token

Go to Connections & Credentials → Credentials or System OAuth → Token Management.
Open the Slack OAuth record.
You must see a refresh_token and an expiry.
- No refresh_token = no auto-renew.

Check Slack app

OAuth v2 enabled.
Token rotation / refresh tokens enabled.
Re-authorize once using Configure and Get OAuth Token after fixing Slack.

How auto-renew works

If a refresh_token exists, ServiceNow auto-refreshes on execution.
No extra flow needed in most cases.

If it doesn’t auto-refresh

Create a scheduled job/flow to refresh the token before expiry and update the same credential record.

Rule of thumb I say:
No refresh token → re-auth required.
Refresh token present → ServiceNow can auto-renew.

@Sathwik1 - Please mark Accepted Solution and Thumbs Up if you find Helpful!!

MJG

Sathwik1 · ‎01-01-2026

Thanks for your response, one doubt...why I don't see REFRESH TOKEN in our scenario?

I can see only ACCESS TOKEN exist in the manage tokens table..but I don't see REFRESH TOKEN record.

so just want to know...for authorised code - grant type... Will refresh token exist? @Matthew_13

Matthew_13 · ‎01-01-2026

@Sathwik1 Authorization Code does not automatically guarantee a refresh token. A refresh token only exists if the OAuth provider issues one and the integration is configured to accept it.

Break Down:

Here’s why that happens:

Grant type = Authorization Code
→ This allows refresh tokens, but does not require them.
Whether a refresh token exists is entirely controlled by the OAuth provider, not ServiceNow.
If the provider:
- doesn’t issue refresh tokens for that app
- or doesn’t have token rotation / offline access enabled
  → ServiceNow will store only the access token in the token table.

So seeing only an access token is expected behavior in many integrations.

What this means for you:

No refresh token = no automatic renewal
When the access token expires, you must re-authorize (interactive consent) unless the provider supports refresh tokens

If you expect a refresh token:

Check the OAuth app configuration on the provider side
Look for settings like offline access, token rotation, or refresh tokens
After enabling those, you must re-run “Get OAuth Token” so a new token set is issued

@Sathwik1 - Please mark Accepted Solution and Thumbs Up if you find Helpful!!

MJG

Sathwik1 · ‎01-01-2026

One last question..

In OOB Schedule Job, i.e., Refresh Email Access Token.”

I see relevant integration should have a record in the email account table..then only auto refresh or tokens will work...

What exactly we need to store in that table? and for my slack integration... first as you suggested I'll add offline_access scope and test it.. but if OOB schedule job doesn't work to refresh it.. so just want to know what details I need to add in email account table.

And here we are using slack spoke.. so for this setup different job will run for refresh the tokens?

@Matthew_13

Sathwik1 · ‎01-01-2026

@Matthew_13 please help.