OAUTH2 rest call on behalf of connected user

Quentin2
Tera Contributor

‎10-04-2024 06:26 AM - edited ‎10-04-2024 07:04 AM

Hello everyone,

 

We need to call a third-party REST API secured by OAUTH2. We managed to correctly create an “Application Registries” for the use of Okta with “Athorization Code” flow. Here is the actual configuration we have :

 

Quentin2_0-1728048315017.png

 

 

When creating an OAUTH 2.0 Credentials, or when using a REST MESSAGE, we manage to retrieve the token and it is correctly used in the “Authorization” header. By doing this, all calls use the same token, regardless of which user is logged in.

 

We'd like to know if it's possible to have one token per logged-in user (who uses the same Okta IDP to authenticate to ServiceNow) so that calls to third-party Rest APIs are made on behalf of the person who initiated the call. Is it possible? If yes, could you provide an example please?

 

Thanks for your help!

 

  • 443 Views
1 REPLY 1

Ben81
Tera Guru

‎10-08-2024 12:03 AM

Hello Quentin2,

 

Did you find any solution to your question? I do have the same issue on my side, I am highly interested if you have any inputs?

 

Cheers,

Ben

0 Helpfuls