REST Call for non-admin users is failing with 401

Charles Fredie
Tera Contributor

Hi Everyone,

I have an Outbound REST Message with Authentication Type as OAuth 2.0. I am triggering the REST Call using a BR on update of certain fields. Now the REST Call returns 200 Status if a user with Admin role updates the fields.
But when a Non-Admin user updates the fields, the REST Call in BR still triggers but returns a 401 Status Code.
So far I have tried adding the ACLs mentioned by ServiceNow in the article below, but the problem still remains the same:
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0783632

OAuth Profile has Grant Type as Resource Owner Password Credentials.

1 ACCEPTED SOLUTION

Ankur Bawiskar
Tera Patron

@Charles Fredie 

That ACL config should help here.

Ensure that the API user has access to the OAuth Profile as well and then run

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

10 REPLIES

Hi @Ankur Bawiskar

Should I provide the Non-Admin user read access to the OAuth Profile?

Regards,

@Charles Fredie 

Yes, please try that.

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

@Ankur Bawiskar

Okay, I will try it, but is it a good or recommended practice to provide read access to the OAuth Profile to a Non-Admin User?

Regards