Problems with API using LIKE parameter

StevenAgFirst
Tera Contributor

Hello,

I am trying to access a table certificate_domain with a parameter of GET command:

 

GET https://environment.service-now.com/api/now/table/certificate_domain?sysparm_query=domainLIKExxxxxxx... 

where xxxxx's are the hostname I am looking for.

 

Issuing this command in API explorer returns the correct two records. No problems.

 

When I execute this using the API and Visual Basic code, it returns nothing and a response code of 403. When I change the Visual Basic code to have an '=' sign instead of the 'LIKE"' in the query, it returns 1 record and all is good (response code 200). However, I need all the records because some have the xxxxxx.company.net suffix on them and I want them also.

 

I can't figure out what I am doing wrong. If the command works in the API Explorer, it should work in the Visual Basic program. 

 

I appreciate anything you can tell me. Thank you in advance.

5 REPLIES 5

t_sadahisa
Giga Guru

Hello @StevenAgFirst 

 

I can't see the Visual Basic code, so I don't know the cause, but since Visual Basic has Like operator, I think some kind of escape is necessary...

 

I think it would be a good idea to check the endpoints that are set on the Visual Basic side.

Viraj Hudlikar
Giga Sage

Hello @StevenAgFirst 

 

 

The core of the problem is URL encoding. When you use the LIKE operator, the system needs to interpret it correctly.

 

The ServiceNow API Explorer is a controlled environment. It handles the URL encoding of special characters and operators (like LIKE, =, <, etc.) automatically, ensuring the request is formatted correctly before it's sent to the server.

 

In your VB program, you are constructing the URL string manually. The sysparm_query parameter, which contains domainLIKExxxx, is likely not being URL-encoded. This can cause the server to misinterpret the request, leading to a 403 Forbidden error. A 403 error often indicates that the server understands the request but refuses to fulfill it due to permission or syntax issues.

 

The LIKE operator in a URL query string is actually represented differently. For example, LIKE is often encoded as %3D in some URL encoding schemes, but the specific implementation can vary. The key is to ensure that your Visual Basic code correctly encodes the entire query string before making the API call.

 

Use a URL encoding function in your VB code to properly format the sysparm_query parameter.

 

  • Isolate the query: Create the query string separately:  Dim queryString As String = "domainLIKExxxxxxx"
  • URL encode the query: Use a function like System.Web.HttpUtility.UrlEncode or a similar function in your chosen library to encode the string: Dim encodedQuery As String = System.Web.HttpUtility.UrlEncode(queryString). This will handle all special characters, including the LIKE operator.
  • Construct the final URL: Build the complete URL by appending the encoded query string: finalUrl = "https://environment.service-now.com/api/now/table/certificate_domain?sysparm_query=" + encodedQuery

By taking this approach, your VB code will send a request that is properly formatted and understandable by the ServiceNow REST API, just like the one generated by the API Explorer.

 

If my response has helped you hit helpful button and if your concern is solved do mark my response as correct.

 

Thanks & Regards
Viraj Hudlikar.

Hello @StevenAgFirst  - 

Based on your detailed testing, the issue is not related to security or simple URL encoding. It's highly probable that there's a specific parsing problem with how the ServiceNow REST API is interpreting the LIKE operator, even when formatted correctly.

The most reliable solution is to avoid the LIKE operator and use a combination of the standard equals (=) operator and a wildcard character (*). 

ex - ?sysparm_query=domain=UC4PMWEB04*

If my response has helped you hit helpful button and if your concern is solved do mark my response as correct.

 

Thanks & Regards
Viraj Hudlikar.

Ankur Bawiskar
Tera Patron
Tera Patron

@StevenAgFirst 

error 403 means forbidden -> server understood the request but refuses to authorize it -> some permission or access issue.

Did you try passing admin credentials via VB?

Does your API user have read access to the table? read access to that field?

In addition to above

-> when you use API explorer, the query parameters are encoded properly

-> the LIKE operator should be passed as LIKE but encoded as %20LIKE%20 or properly escaped

-> Improper encoding of special characters in URL can also cause issue

-> ensure from your VB code that character is escaped or proper encoding is done

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader