Seeking Guidance on Automating OAuth Token Retrieval and Management in ServiceNow

devendra_aress · ‎12-10-2023

We aim to automate this process efficiently and securely. Specifically, we're seeking advice on:

1. Automation of OAuth token retrieval: Are there recommended best practices or methods within ServiceNow to automate the retrieval of OAuth tokens?

2. Access token expiration management: What strategies or workflows can be implemented to handle the regular expiration of access tokens, ensuring seamless access without interruptions?

3. Storing tokens in the Manage Token: Is there a recommended approach for securely storing tokens within ServiceNow's Manage Token feature?

Any insights, tips, or guidance from your experiences or expertise would be immensely helpful in enhancing our token management workflow. We're eager to adopt best practices and optimize our processes.

Thank you in advance for your valuable input and suggestions!

Maik Skoddow · ‎12-11-2023

Hi @devendra_aress

I'm not sure whether I get your requirement but basically for all automatic integrations using OAuth ServiceNow is refreshing the tokens automatically. See https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1499198

Maybe you can explain better why you ask all the questions.

Maik

devendra_aress · ‎12-11-2023

Thank you, Maik, for addressing my inquiry. I have reviewed this Knowledge Base article (https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1499198), which elucidates the concept of refresh and access tokens and their respective expiration periods. According to the documentation, each refresh token remains valid for 100 days, while the access token has a 30-minute validity period.

In the context of integrating Salesforce with ServiceNow, I successfully configured a connection and credentials profile using the Salesforce client ID and client secret key obtained from the Salesforce Connected App in ServiceNow. Subsequently, I created REST messages to facilitate communication with Salesforce and initiated the authorization process by clicking on "Get Auth Token." This resulted in the successful retrieval of access and refresh tokens stored in the ServiceNow "oauth_credential" table.

As per the token provider guidelines, the access token has a 30-minute expiration window. Consequently, I need to manually trigger the "Get OAuth Token" UI action to obtain a new valid access token after every 30 minutes. I am seeking a solution to automate this process, ensuring that the system automatically acquires a new access token either every 30 minutes or upon the expiration of the previous access token.

Maik Skoddow · ‎12-11-2023

Hi @devendra_aress

can you please stop for a moment and think about carefully what you are writing? Because it makes absolutely no sense. Imagine in every ServiceNow instance in that world for each and every integration someone has to click every 30 minutes on the respective UI Action manually. Do you really think the ServiceNow works that way?

The reason for having a refresh token is to get a new access token based on that refresh token. And the article I send to you explains that ServiceNow automatically does all the OAuth handling in the background automatically. So no need to do anything manually!

Maik

devendra_aress · ‎12-11-2023

Thank you @Maik Skoddow for giving your valuable time. I don't think whatever I am writing is senseless. for me to click UI action manually every 30 minutes to get an access token so I can continue my communication with the third-party application is senseless for me.

review this article https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0791131 does this make any sense with my requirement ?