Restrict an OAuth Application to use only a specific API

Lucas Romani1
Tera Contributor

‎08-14-2023 05:34 PM - edited ‎08-14-2023 05:53 PM

Hi,

 

Is there a way to restrict a specifc OAuth Application to access/use only specifics APIs ? Example: I have a custom OAuth Application registry record called xxxx, and I what I want to achieve is: This OAuth Application token can only be used on requests for a specifc custom API (so, If i try for example make a request on Table API, CMDB API or any other API using this OAuth token, it would be denied)

 

Is there possible ? I read about REST API Auth Scopes, but I think that doesnt meet my needs.

0 Helpfuls
  • 1,042 Views
2 REPLIES 2

Maik Skoddow
Tera Patron
Tera Patron

‎08-14-2023 06:12 PM

Hi

you can give the REST API access policies a try: https://docs.servicenow.com/bundle/utah-platform-security/page/integrate/authentication/task/create-... 

Maik

0 Helpfuls

Vinicius5
Tera Contributor

‎10-29-2024 01:12 PM

@Lucas Romani1, do you have an awnser for that?

0 Helpfuls