Only admins can make REST API calls with Oauth 2.0 Authorization code grant type

Go to solution
rohanlimaye
Tera Expert

‎06-22-2019 02:39 PM

Hi,

I have configured Oauth 2.0 to connect with third party Oauth provider. I can successfully get access and refresh token when I click 'Get oauth token link' from REST message.

I have wrote a business rule on Incident table to trigger the same REST message mentioned above. It triggers successfully for admin accounts but if I impersonate some user with non-admin roles the REST message do not execute.

Have you came across such scenario? Can you please help me with this issue?

 

Labels:
0 Helpfuls
  • 4,483 Views
1 ACCEPTED SOLUTION

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron
In response to rohanlimaye

‎06-23-2019 02:06 AM

Hi Rohan,

Are you able to get the OAuth access token with the non-admin user session?

The ACL on the oauth_credential table might be causing this issue. Try adding a read ACL on the table and provide the role who needs this access to call and you should be able to test it.

Mark Correct if this solves your issue and also mark Helpful if you find my response worthy based on the impact.
Thanks
Ankur

Regards,
Ankur
✨ Certified Technical Architect  ||  ✨ 9x ServiceNow MVP  ||  ✨ ServiceNow Community Leader

View solution in original post

5 REPLIES 5

Go to solution
B Praveen Rao
Tera Contributor

‎03-05-2020 09:38 PM

Is there any other solution apart from creating ACL on oauth_credential table?