OAuth for inbound REST request using Client Credentials grant type

funkeke
Kilo Sage

I am setting up an integration between SharePoint 2013 and ServiceNow. I will be issuing inbound REST requests FROM SharePoint TO ServiceNow using the out-of-box Table REST API provided by ServiceNow. I would like to authorize the request using OAuth, specifically the Client Credentials grant type (in which a client ID and secret are used to get the access token).

Let's assume I have gone to the Application Registry, clicked "Create an OAuth API endpoint for external clients" and proceeded to register my SharePoint application and get a client ID and secret.

My question is in regards to how I will issue the request to get the access token. The ServiceNow London documentation states that the Client Credentials grant type is supported; however, I cannot find an example in the documentation of issuing the request for the access token using this grant type. I am assuming I should be able to issue a request for the token with JUST the client ID and secret attached and no user credentials. But the only examples I can find are for the Password and Token Refresh grant types (here's one example and another). The Password grant type requires that the client ID and secret, as well as a username and password, be sent, which is not what I would like to do. Either these pages haven't been updated since support for more grant types was added, or I'm misinterpreting how this is supposed to work.

Would it be as simple as removing the username and password parameters from the requests in the examples and changing "grant_type" to "client_credentials"?

Also, once you get the access token, how does ServiceNow determine what access rights the client application is authorized for? My understanding is that the access token will not be associated with any specific user, but rather to the registered client application (SharePoint). I need to do simple CRUD operations on a request table (create, read, and update). Will I be able to do this using the Client Credentials grant type? What else will the client application be able to do? Is this configurable?

 

 

1 ACCEPTED SOLUTION

Hi,

I did not come across such a scenario where an OAuth access token is used with a grant_type other than password.

The Client Credentials grant type is used by clients to obtain an access token outside of the context of a user.

This is typically used by clients to access resources about themselves rather than to access a user's resources.

https://oauth.net/2/grant-types/client-credentials/

The Client Credentials grant type is not supported for inbound OAuth in ServiceNow. In ServiceNow, every session is bound to a user, and that user's roles are used to determine what the user should have access to. Client Credentials is not compatible with that model. 

Hope this helps

Mark Correct if this solves your issue and also mark Helpful if you find my response worthy based on the impact.
Thanks
Ankur



12 REPLIES

Just in case someone lands on this specific article in the future, it is possible to do inbound client_credentials in ServiceNow OAuth:
https://www.servicenow.com/community/developer-blog/up-your-oauth2-0-game-inbound-client-credentials... 

 

Aoife

Hi,

Did you find any way to make the "client_credentials" grant type work with inbound REST calls? I have a similar requirement and the third-party application does not work with any other grant types.

Thank you.

Kristoffer Mon1
Giga Expert

I very recently integrated BOX's API with ServiceNow, which used OAuth to retrieve an authorization code that I can use to retrieve an access token.

With all that jazz being said, what ultimately are you trying to achieve in your SharePoint to ServiceNow integration? Interested because this is on my development road map, and maybe I could be of some help.

hkumar468746575
Tera Contributor

@Ankur Bawiskar How to pass below in body of request?

using following in body of the request

grant_type -> password

client_id -> your client id

client_secret -> your client secret

username -> user id in snow

password -> password in snow

content-type -> application/x-www-form-urlencoded

Hi @hkumar468746575,

 

Here's how you can pass these values in your body.

 

curl --location 'https://instance.service-now.com/oauth_token.do' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'client_id=YOUR CLIENT ID' \
--data-urlencode 'client_secret=YOUR CLIENT SECRET' \
--data-urlencode 'username=USERNAME' \
--data-urlencode 'password=PASSWORD'

 

Mark Helpful if you find my response worthy based on the impact.
Thanks
Shivanshu
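
Added example, not part of any post in this thread and not ServiceNow's own code: the token request from the curl call above, built for either grant type, with the client_credentials form following RFC 6749 section 4.4 (whether a given instance accepts that grant is the point the replies above disagree on). The function names and the SN_* environment variables are assumptions made for this example.

```python
import json
import os
import urllib.parse
import urllib.request

TOKEN_PATH = "/oauth_token.do"  # token endpoint from the curl example in the thread


def build_token_request(instance_url, client_id, client_secret,
                        username=None, password=None):
    """Build (without sending) the POST for the token endpoint.

    username+password given -> password grant, as in the thread's curl call.
    Neither given -> client_credentials grant (RFC 6749 section 4.4 form).
    """
    if (username is None) != (password is None):
        raise ValueError("give both username and password, or neither")
    form = {"client_id": client_id, "client_secret": client_secret}
    if username is None:
        form["grant_type"] = "client_credentials"
    else:
        form.update(grant_type="password", username=username, password=password)
    return urllib.request.Request(
        instance_url.rstrip("/") + TOKEN_PATH,
        data=urllib.parse.urlencode(form).encode("ascii"),
        headers={"Content-Type": "application/x-www-form-urlencoded"},
        method="POST",
    )


def bearer_header(token_response_body):
    """Turn a token response (JSON text) into an Authorization header."""
    doc = json.loads(token_response_body)
    if "error" in doc:  # RFC 6749 section 5.2 error response
        raise PermissionError(f"{doc['error']}: {doc.get('error_description', '')}")
    if doc.get("token_type", "").lower() != "bearer":
        raise ValueError("unexpected token_type")
    return {"Authorization": "Bearer " + doc["access_token"]}


if __name__ == "__main__":
    # Assumed variable names; reading secrets from the environment keeps them
    # out of shell history and the process argument list.
    req = build_token_request(os.environ["SN_INSTANCE"],
                              os.environ["SN_CLIENT_ID"],
                              os.environ["SN_CLIENT_SECRET"])
    with urllib.request.urlopen(req, timeout=30) as resp:
        bearer_header(resp.read().decode("utf-8"))
    print("access token obtained")
```

The returned header is what a subsequent Table API request would carry; the access it grants is decided by the instance, not by the client.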