OAuth 401 even with token?

asampson · ‎09-08-2017

Hey SN,

We're trying to use OAuth to access our QA Environment through REST calls. We're able to recieve a token but when we try to access tables with that token we're getting a 401 returned, access denied.

I know I have ACLs on the tables we're querying, and I even disabled them, but we're still getting a 401 issue.

Any reason why this would happen?

Thanks!

asampson · ‎09-11-2017

Looks like I have to pass in a username and a password when requesting a token. That sets the access for the token.

In my original headers I was hoping to use a grant_type of client_credentials to get away from any user account management. We use SSO so passwords are not locally stored in user accounts. For the access to work I have to make a local ServiceNow account, give it a password, and the correct role. Then I can pass in that username/password to my token generator. Instead of client_credentials I now have to use a grant_type of password.

After I get that token, I no longer get my 401 errors.

View solution in original post

harishdasari · ‎09-08-2017

Hi Austin,

I suggest you to give the token in headers. this will fix the issue.

asampson · ‎09-08-2017

Thanks Harish,

I adjusted the headers, but it looks like we're still getting the exact same error. Postman includes all of them except the Authorization header by default.

No problem retreiving the token, but trying to use it gets us:

{

"error": {

"detail": "Required to provide Auth information",

"message": "User Not Authenticated"

},

"status": "failure"

}

Aditya Telideva · ‎09-08-2017

Assuming, you followed http://wiki.servicenow.com/index.php?title=Generating_OAuth_Tokens#gsc.tab=0

this should be working.

Mostly people encounter errors due to confusion of setting proper request parameters and making request with content type as application/x-www-form-urlencoded

Request parameters are actually form data you send with request. Also, If you have the request to get an oauth token working from a tool such as advanced rest client that helps you build and send web service requests then the next step I would suggest is to work on configuring oracle plsql to make the same web service request. Not being familiar with Oracle plsql I can't help you with syntax to do that but there may be someone else on the community that has done this before. My suggestion would be to create another separate post on the ServiceNow community and include what you are trying to do in the title something like 'requesting oauth token via plsql'. Having this in the title would make if more likely that someone with oracle plsql experience may find and respond to your post.

It may also be helpful to be able to see the http requests that are being made by your plsql code so you can compare the url, headers, payload with the request you are making from advanced rest client. A tool I've used in the past to help with this is RequestBin — Collect, inspect and debug HTTP requests and webhooks

Which allows me to make a request to a HTTP endpoint (hosted by requestbin) and then see exactly what my request looked like.

Hope that helps,

Aditya Telidevara

asampson · ‎09-08-2017

Funny story actually, using advanced rest client I'm unable to retrieve the token.

Our QA is running his tests in Postman. I've asked him to adjust the headers to what Harish suggested. If that doesn't work I'll start digging into your community/wiki links.

Thanks for your reply!