Token Generation

rna · ‎04-07-2015

I am trying to generate the access token for an application which I have deployed over serviceNow,

Referred the link: http://wiki.servicenow.com/index.php?title=REST_API

Rest API : https://<InstanceName>.service-now.com/oauth_token.do

Request Body:

{"grant_type":"password","client_id":"33eb1705c75f3154400b1237989343b5","client_secret":4gE[IT#5qk,

"username":"UserName",

"password":"Password"}

Response:

Status Code: 401 Unauthorized

{

"error": "server_error",

"error_description": "access_denied"

}

Am I missing anything?

silas1 · ‎01-08-2016

Curl is just another way to send an HTTP request. You can use Advanced REST Client. But you can reference the curl request to compare the HTTP request you're sending in Advanced REST client.

If it's still not working, and because you're getting a 401, it implies a username or password is not correct. You need to check both the client credentials (client_id/client_secret) and user credentials.

billytedder · ‎01-08-2016

How do I run a curl request?

Another question is even with Advanced Rest Client if I do not include the request body I still get the same error. Shouldn't I get an error stating that the request is in the wrong form or that some parameters are missing?

silas1 · ‎01-08-2016

Curl is a command line unix tool. If you're on windows you don't have it. But curl vs advanced rest client is arbitrary -- they won't differ in a meaningful way that would affect the HTTP request that gets sent. I didn't mean to distract by proposing a curl sample; my intention was just to document a request that works assuming that the passwords and other credentials are correct.

Regarding your other question, you're probably right, but that's not the way it's built.

billytedder · ‎01-08-2016

I do not know what else to do because I have verified that I am using the correct client id & secret and password. Now we do use Single Sign-On to get into ServiceNow so could this be a problem?

silas1 · ‎01-08-2016

It could be related to that. I am not as familiar with the SSO side of things. You may want to post this as a new question and include oauth & SSO in the title so you can get help from the folks who know it best.