yes I m on the Istanbul version, can you assist with documentation/sample with the auth code grant flow.

I m not keen on using the service account I want to run in the user context.

Check out these blog posts:

Inbound OAuth Auth Code Grant Flow Part 1 - Getting Started with Postman

Inbound OAuth Auth Code Grant Flow Part 2 - Using OAuth and Passport.js in a Node.js/Express Web App

They walk you through the process of getting a working OAuth provider configuration up and running and how to test it. I'm not very familiar with SharePoint, so I don't have any resources about how to configure that side of things.

Will you be at Knowledge/CreatorCon next month? If so, I'm also running an OAuth Auth Code Grant Flow session there and I'd love to chat afterwards about what you're working on.

i was able to get it working with postman.

However when i make the same from my application it gives me an unauthorized error when requesting for bearer token from SLT/code.

can you share any sample/request in .net/javascript passing the SLT and getting the bearer token?

incase of postman i believe that is happening internally so we are not sure about the exact request.

I don't have C#-specific code but here is an example of the raw HTTP request needed to get a token. This would take place after you have an Authorization Code.

POST https://instance.service-now.com/oauth_token.do

Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Accept: application/json

---Body---

code=<removed>&client_id=<removed>&redirect_uri=<removed>&client_secret=<removed&grant_type=authorization_code

Where code is the Authorization Code obtained in step 1 of the flow and the other values match the OAuth Provider record you created.

You should get a response that looks like this:

HTTP 200

---Body---

{"access_token":"<the-token>","refresh_token":"<the-token>","scope":"useraccount","token_type":"Bearer","expires_in":1799}