ServiceNow Jira webhook is it possible to use OAuth
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-20-2024 05:08 AM
Hi
We are looking to implement the ServiceNow Jira Webhook to enable bi-directional updates. In the push flow from Jira to ServiceNow, the configuration documentation uses API Token.
Is it possible to use OAuth instead of the API Token.
If not, what are best practices around security for this Webhook? E.g., using REST API access policies to restrict IP addresses?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-27-2024 12:25 PM
Hi @anthonysymo ,
Yes I believe OAuth should be possible.
1. Set Up OAuth in Jira
- Go to Jira Settings > System > OAuth 2.0.
- Add a new OAuth credential.
- Copy the Client ID and Client Secret.
2. Set Up OAuth in ServiceNow
- Navigate to System OAuth > Application Registry.
- Click New > Connect to Third Party.
- Configure the following:
- Name: Jira Integration
- Client ID & Secret: Use values from Jira.
- Token URL: Use Jira's token endpoint (e.g., https://<jira-instance>.atlassian.net/oauth/token).
- Grant Type: Authorization Code or Client Credentials (depending on requirements).
In case you find this difficult to implement and maintain, I would recommend you to try out a completely decentralized and bi-directional integration solution like Exalate.
It provides you a Groovy based scripting engine which is very flexible and customizable. You can sync any information from the ticket (including system and custom fields).
Thanks!
