Find your people. Pick a challenge. Ship something real. The CreatorCon Hackathon is coming to the Community Pavilion for one epic night. Every skill level, every role welcome. Join us on May 5th and learn more here.

Restrict an OAuth Application to use only a specific API

Lucas Romani1
Tera Contributor

‎08-14-2023 05:34 PM - edited ‎08-14-2023 05:53 PM

Hi,

 

Is there a way to restrict a specifc OAuth Application to access/use only specifics APIs ? Example: I have a custom OAuth Application registry record called xxxx, and I what I want to achieve is: This OAuth Application token can only be used on requests for a specifc custom API (so, If i try for example make a request on Table API, CMDB API or any other API using this OAuth token, it would be denied)

 

Is there possible ? I read about REST API Auth Scopes, but I think that doesnt meet my needs.

0 Helpfuls
  • 1,682 Views
2 REPLIES 2

Maik Skoddow
Tera Patron

‎08-14-2023 06:12 PM

Hi

you can give the REST API access policies a try: https://docs.servicenow.com/bundle/utah-platform-security/page/integrate/authentication/task/create-... 

Maik

0 Helpfuls

Vinicius5
Tera Contributor

‎10-29-2024 01:12 PM

@Lucas Romani1, do you have an awnser for that?

0 Helpfuls