OAuth : Script to Automate Token Request

Go to solution
Ram117
Kilo Sage

‎07-08-2020 09:59 PM

Experts,

I am working on an integration between servicenow and another case management application. I am setting up OAuth integration. I am successful in setting up with  Grant type as JWT Bearer token. Now I need to do it with Grant type as password.

I did the initial OAuth Configurations in servicenow and is successful in setting up the REST message which successfully gives me Access Code.

I am having trouble in Automating this via script. 

 

 var payload = {

    "grant_type": gs.getProperty('x_1234_sf.sdc_oauth_grant_type').toString(),
    "username": gs.getProperty('x_1234_sf.sdc_oauth_user').toString(),
    "password": gs.getProperty('x_1234_sf.sdc_oauth_user_pwd').toString(),
    "client_id": gs.getProperty('x_1234_sf.sdc_client_id').toString(),
    "client_secret": gs.getProperty('x_1234_sf.sdc_client_secret').toString()

};

 

Need to pass this payload into the rest message

try {

	var r = new sn_ws.RESTMessageV2();
	r.setHttpMethod("POST");
	r.setEndpoint(gs.getProperty('x_1234_sf.sdc_oauth_end_point'));
	r.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");

	r.setRequestBody(< how do I formulate the request body ?? >);


	this.response = r.executeAsync();
	this.response.waitForResponse(5);
	this.httpResponseStatus = this.response.getStatusCode();
	this.responseBody = this.response.getBody();
	var obj = JSON.parse(this.responseBody);

	this.result = {

	"resp_code": this.httpResponseStatus,
	"a_token": obj['access_token'],
	"type_token": obj['token_type']

	};

 

Please provide some guidance.

 

thx

ram.

Labels:
0 Helpfuls
  • 10,409 Views
1 ACCEPTED SOLUTION

Go to solution
Ram117
Kilo Sage
In response to Ankur Bawiskar

‎07-09-2020 01:38 PM

Thank you for the reply Ankur.

Figured out the fix for this issue. 

What I was doing wrong is formulating the request Body while calling the OAuth API end point.

For Resource credentials grant type, the request body should be like as in the below script.

I do not have to use any of the GlideOAuth related methods.

var req = new sn_ws.RESTMessageV2();
req.setEndPoint( < OAUTh end point URL >);
req.setHttpMethod('POST');
req.setRequestHeader('content-type','application/x-www-form-urlencoded') 
req.setRequestBody(grant_type=" + grant_type + "&username=" + username + "&password="+encodeURI(pwd)+ "&client_id="+client_id+"+ "&client_secret="+client_secret));
var response = req.ExecuteAsync();
response.WaitForResponse(10);
var responseBody = response.getBody();
var obj = JSON.parse(responseBody);
gs.info('Token : "+obj.access_token);

 

With the above script, I am able to get the access code without converting the biz rule to Async & display the info message to the end user.

 

thx

ram.

View solution in original post

0 Helpfuls
14 REPLIES 14

Go to solution
Ram117
Kilo Sage
In response to Ankur Bawiskar

‎07-09-2020 01:38 PM

Thank you for the reply Ankur.

Figured out the fix for this issue. 

What I was doing wrong is formulating the request Body while calling the OAuth API end point.

For Resource credentials grant type, the request body should be like as in the below script.

I do not have to use any of the GlideOAuth related methods.

var req = new sn_ws.RESTMessageV2();
req.setEndPoint( < OAUTh end point URL >);
req.setHttpMethod('POST');
req.setRequestHeader('content-type','application/x-www-form-urlencoded') 
req.setRequestBody(grant_type=" + grant_type + "&username=" + username + "&password="+encodeURI(pwd)+ "&client_id="+client_id+"+ "&client_secret="+client_secret));
var response = req.ExecuteAsync();
response.WaitForResponse(10);
var responseBody = response.getBody();
var obj = JSON.parse(responseBody);
gs.info('Token : "+obj.access_token);

 

With the above script, I am able to get the access code without converting the biz rule to Async & display the info message to the end user.

 

thx

ram.

0 Helpfuls

Go to solution
SN Emy
Tera Guru
In response to Ram117

‎01-11-2023 09:21 PM

HI,

Do you think it's safe to pass the user /pwd on the request body?

@Ankur Bawiskar 

I have something similar where I have to request an auth token

 

POST https://{appl}/rest/login-sessions X-Api-Version: 1000 { "password":"mypassword", "userName":"administrator", "loginMsgAck":"true" }

What is the best way to pass the user/pwd?

0 Helpfuls

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron
In response to SN Emy

‎01-16-2023 07:45 PM

@SN Emy 

As per my understanding the user id/pwd should get encoded when you send it

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls

Go to solution
SN Emy
Tera Guru
In response to Ankur Bawiskar

‎01-17-2023 11:30 AM

 @Ankur Bawiskar Thank you

Can you please provide an example? I am using a include script function 

Authenticate User

 

Authenticate user - administrator from directory - mydirectory.

Request

POST https://{appl}/rest/login-sessions

X-Api-Version: 1000
Content-Type: application/json

{
    "authLoginDomain":"mydirectory",
    "password":"mypassword",
    "userName":"administrator",
    "loginMsgAck":"true"
}
0 Helpfuls

Go to solution
Ram117
Kilo Sage

‎07-09-2020 01:41 PM

Thank you @Ankur Bawiskar , @Robert Beeman  for your replies and help. 

0 Helpfuls