- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-18-2022 07:07 PM
I'm attempting to get an OAuth access token so I can access the API using the token and refresh token. I set up an application registry for "Create an OAuth API endpoint for external clients." Then I followed the instructions on the page, "OAuth API request parameters" located here. I keep getting this response when running curl:
{"error_description":"access_denied", "error":"server_error"}
When I look at the log on ServiceNow, I see the following message:
"Exception on token flow - invalid_scope: The provided OAuth token is not valid: no thrown error"
The curl command looks like this:
curl -H "Content-type:application/x-www-form-urlencoded" -d "grant_type=password&client_id=<client_id>&client_secret=<client_secret>&username=<myusername>&password=<my_password>" https://<mycompany>dev.service-now.com/oauth_token.do
This is my first trip down this path, so I'm probably missing something obvious. Is there something I'm missing?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-19-2022 07:33 AM
I think I might have found the answer. The user account that I used did not have the "Web service access only" box checked. Apparently that is important.
I found a more useful article here: https://www.servicenow.com/community/developer-blog/oauth-2-0-with-inbound-rest/ba-p/2278926
Thanks all for having a look!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-18-2022 07:48 PM
Did you also define the scope in the registry, for ex what action you would like to perform?
Once you setup the app registry, define scope, you need to generate the access token and refresh token manually at least once.
Once you do that, the access token and refresh token should generate automatically. You may just need to map the oauth to the REST API function to use it.
Please mark this response as correct or helpful if it assisted you with your question.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-19-2022 07:33 AM
I think I might have found the answer. The user account that I used did not have the "Web service access only" box checked. Apparently that is important.
I found a more useful article here: https://www.servicenow.com/community/developer-blog/oauth-2-0-with-inbound-rest/ba-p/2278926
Thanks all for having a look!
