Requirement :

Third-Party application Kong API to consume ServiceNow Table APIs to Query, Create and Update [GET, POST, PUT] Change and Incident requests.

Current Solution :

Below are the steps currently followed for the integration,

* We have created a local account in servicenow with web services role
* Registered an OAuth Application Registry of type ‘Create an OAuth API endpoint for external clients’
* Third party system uses grant_type=password to get access token and refresh token from ServiceNow for initial request. For subsequent requests, it uses grant_type=refresh_token to get access tokens
* Kong API uses OAuth Access token in header of REST API calls to ServiceNow Table APIs for Change and Incident Request 

Below are the links for reference,

https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0778194

https://docs.servicenow.com/bundle/vancouver-platform-security/page/administer/security/reference/r_...

Problem Statement :

Client stakeholders do not want to use local servicenow account to get the initial access token and refresh token. They want to use Azure AD account via SSO login to get the tokens. 

To Be Solution :

We already have an existing Azure AD integration for SSO and User Provisioning. Is there an option in ServiceNow wherein Access token and Refresh token REST API calls can be made in ServiceNow using SSO User ?

If yes, can you please share documentation link and how to pass the user information payload ?

If there are alternate options wherein REST API Call to Azure AD can be used to get Authorization Code and in turn Access tokens can be fetched from ServiceNow to access Table APIs, please suggest as well.