OAuth 2.0 setup for authorization code for REST API call

J_r_my1
Mega Guru

Hello,

We are currently implementing an OAuth 2.0 integration in ServiceNow for one of our clients.

The requirement is to retrieve a personal token for each user by using the Authorization Code flow with PKCE.

The current configuration is working correctly:

  • users are able to initiate the OAuth flow through oauth_initiator.do;
  • the personal authentication flow completes successfully;
  • both the access token and the refresh token are created correctly;
  • the tokens are stored in oauth_credential.

However, I would need help on the following points.

First, how can we properly regenerate a new access token by using the refresh token already stored by ServiceNow? I didn't find any documentation on how to do it.
Is there an OOTB-supported way to force or trigger the refresh token flow before executing a REST Message, or should ServiceNow automatically refresh the access token when it has expired?

Second, how can we handle the behavior of the oauth_initiator.do page after the token has been acquired?
Today, the user must follow a two-step process:

  1. click a UI Action to generate the personal OAuth token if no valid token is available;
  2. manually close the OAuth window and then click another UI Action to execute the REST Message using the generated token.

Ideally, we would like to improve this flow by either:

  • automatically closing the oauth_initiator.do window once the token has been acquired;
  • or automatically triggering a request or a custom action immediately after the OAuth flow completes.

Do you know whether there is a supported way to customize the behavior after oauth_initiator.do / oauth_redirect.do completes, or whether this two-step process is the recommended approach?

 

1 REPLY

Tanushree Maiti
Giga Patron

Hi @J_r_my1 

 

My suggestion: you must add the offline_access scope in your OAuth profile. It is an OAuth/OIDC permission that allows an application to receive a refresh token. This token enables the app to access protected resources and obtain new short-lived access tokens even when the user is offline or not actively logged in.

 

Also refer: Auto Refresh OAuth Access Token

KB0791131 Script to retrieve Access and Refresh tokens using GlideOAuthClient libraries 

REST calls where seperate Auth token must be requested (+ a dash of AJAX Client Script) with CloudBo...

KB2058755 OAuth Inbound Authentication with ServiceNow: Authorization Code Grant Flow Using Postman 

 

 

Please mark this response as Helpful & Accept it as solution if it assisted you with your question.
Regards
Tanushree Maiti
ServiceNow Technical Architect
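For reference, an added example (not from the posts above and not ServiceNow API code) of what the flow discussed in this thread looks like at the protocol level in Node.js: the PKCE S256 challenge from RFC 7636, an authorization request carrying the offline_access scope, and the refresh_token grant body from RFC 6749. The client ID, token values and the 60-second skew are constructed assumptions, and a public client without a secret is assumed.

```javascript
const crypto = require('crypto');

// base64url without padding, as RFC 7636 requires for verifier and challenge
const b64url = (buf) => buf.toString('base64')
  .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');

// 32 random bytes -> 43-character code_verifier
function newCodeVerifier() {
  return b64url(crypto.randomBytes(32));
}

// S256: code_challenge = BASE64URL(SHA256(ASCII(code_verifier)))
function codeChallengeS256(verifier) {
  return b64url(crypto.createHash('sha256').update(verifier, 'ascii').digest());
}

// Query parameters of the authorization request; offline_access asks for a refresh token
function authorizationParams({ clientId, redirectUri, state, verifier, scopes }) {
  const scope = [...new Set([...scopes, 'offline_access'])].join(' ');
  return new URLSearchParams({
    response_type: 'code', client_id: clientId, redirect_uri: redirectUri,
    scope, state, code_challenge: codeChallengeS256(verifier),
    code_challenge_method: 'S256',
  });
}

// Refresh when the access token is expired or within skewSeconds of expiring
function needsRefresh(token, nowMs, skewSeconds = 60) {
  return nowMs >= token.expiresAtMs - skewSeconds * 1000;
}

// Form body of the refresh_token grant (RFC 6749 section 6), POSTed to the token endpoint
function refreshRequestBody({ clientId, refreshToken }) {
  return new URLSearchParams({
    grant_type: 'refresh_token', refresh_token: refreshToken, client_id: clientId,
  }).toString();
}

// Constructed sample values, not taken from any real instance
const sample = { clientId: 'example-client', refreshToken: 'constructed-refresh-token' };
const stored = { expiresAtMs: Date.UTC(2024, 0, 1, 12, 0, 0) };
if (needsRefresh(stored, Date.UTC(2024, 0, 1, 11, 59, 30))) {
  console.log('POST body:', refreshRequestBody(sample));
}
```

The code_verifier must be kept server-side for the duration of the authorization and sent only in the code-for-token exchange; only the challenge goes in the authorization URL.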