No refresh token is generated

d-aizawa
Kilo Sage

‎06-23-2022 06:59 PM

Hi.

I was investigating whether ServiceNow and Google Calendar could connect using the Google Cloud Platform service account key.

I registered the key information in ServiceNow in the form of JWT and confirmed that the access token was obtained and Google Caledar was connected.

However, the refresh token I expected to be generated has not been generated.

If you don't have a refresh token, you have to press the "Get OAuth Token" button once an hour, which is quite difficult.
※ If there is any mistake in my recognition at this point, please point it out.

If anyone knows the cause, such as a setting omission, would you please let me know?

Thank you!

Rest Message

find_real_file.png

 

HTTP Methods Test

find_real_file.png

 

Manage Token

find_real_file.png

 

 

Preview file
27 KB
Preview file
62 KB
Preview file
76 KB
0 Helpfuls
  • 1,881 Views
7 REPLIES 7

Kieran Anson
Kilo Patron

‎06-25-2022 01:43 PM

Hi,

On your Application Registry [oauth_entity] record, ensure you have setup the following:

  1. Setup your Google Calendar registry as an OAuth provider
  2. Used "Authorization Code" as the grant type
  3. Authorizaiton url as https://accounts.google.com/o/oauth2/auth
  4. Token URL as https://oauth2.googleapis.com/token
  5. Send Credentials 'In Request Body'

Have the generic entity scope https://www.googleapis.com/auth/cloud-platform defined

You also need to use a custom Oauth API script to add some additional scope parameters.

Create a script include as below and add it to your application registry

var OAuthGoogle = Class.create();
OAuthGoogle.prototype = Object.extendsObject(global.OAuthUtil, {

    preprocessAuthCode: function(requestParamMap) {
        requestParamMap.put('access_type', 'offline');
        requestParamMap.put('prompt', 'consent');
    },

    type: 'OAuthGoogleIAMUtil'
});
0 Helpfuls

d-aizawa
Kilo Sage
In response to Kieran Anson

‎06-26-2022 05:32 PM

Thank you for your response while you are busy.

I have the grant type set to "JWT Bearer".

The reason is that to use the service account key as authentication information, I attached the JSON file as a certificate and generated JWT because it was described in the following article, so I executed it.

https://community.servicenow.com/community?id=community_article&sys_id=506d94d01b1ddc1017d162c4bd4bc...

So, I would like to set the grant type to JWT Bearer, but is it not possible or not to generate a refresh token with this method?

Thank you!

 

0 Helpfuls

Amit Garg
Tera Contributor
In response to Kieran Anson

‎12-24-2024 04:11 AM

Thanks Kieran,

 

I am able to generate Refresh token after creating the Script include. But now once the access token is expired, the system is not able to create a new access token until I regenerate the Refresh token . any suggestions?

0 Helpfuls

Kieran Anson
Kilo Patron
In response to Amit Garg

‎12-24-2024 06:50 AM

Hi @Amit Garg has your Google workspace administrator created your Oauth client as a service account? How long is the initial token issued for? And when you use a refresh token, are you seeing the expiration timer reset or persist?

0 Helpfuls