- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ā01-16-2023 09:31 PM
Hello,
I have to integrate a third-party cloud platform with ServiceNow. We have to make REST API calls to query ServiceNow data from Asset Management. Is it possible to use SSO authentication for the API instead of providing local account credentials? Release version is Tokio. Thank you in advance!
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ā01-16-2023 09:55 PM
For a user action-driven integration, you can use OAuth 2.0 Authorization code flow support by the ServiceNow platform for inbound API Authentication. A client can get an authorization code after the user completes the SSO login on the ServiceNow instance. An access token can then be received in exchange of the authorization code for making API calls.
The platform also accepts identity tokens generated by a third-party OIDC provider for inbound API authentication. Here is the documentation.
For system-to-system integration without user intervention, you can use the JWT bearer grant type.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ā08-18-2024 07:45 PM
Yes, it does.
You can use OAuth 2.0 Authorization code flow support by the ServiceNow platform for inbound API Authentication.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ā08-21-2024 12:15 PM
Alright, it appears this would require some UI confirmation by the user to allow or deny access to servicenow during the transaction. Is that right?
I'm also curious, would a rest service role be needed for all the users? or is the rest_service used only in cases of service accounts?
Thank you for your responses
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ā01-17-2023 11:03 AM
@Randheer Singh We need system-to-system integration that will not require user to physically go and authenticate every time that token expires. Our system is supposed to constantly query Asset Management data via API calls. We may consider scripted REST as necessary. We are looking into Okta as a potential SSO provider.
JWT bearer grant option: It looks like SSO is not involved here, as it gets bypassed. We are not sure how long the token is valid and what its flow.
Identity tokens generated by a third-party OIDC: this is the part we are trying to explore now.
If you can provide any additional info based on the provided information - that would be greatly appreciated. Thank you for the response.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ā02-25-2025 06:09 PM
Hi - Any update on the third-party OIDC ? i have similar usecase.
A third party application want to access ServiceNow incident table api but they want to use Azure as the oauth provider not servicenow.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ā06-11-2025 11:56 AM
I have exactly your case, and I copied down these links to start prototyping tomorrow:
- Configure an OAuth profile to use a client ID and secret for token generation
https://www.servicenow.com/docs/bundle/washingtondc-platform-administration/page/administer/notifica... - (misc) Configure OAuth application in Microsoft Azure
https://www.servicenow.com/docs/bundle/yokohama-integrate-applications/page/administer/integrationhu...
Good luck!
