Hi Dhananjay,

The form you're using in this screenshot is for consuming external REST APIs that require OAuth (outbound). The Token URL is used to configure the endpoint ServiceNow will use to retrieve tokens when communicating with an external API. Example: Retrieve a token from Google and use that token to call the Google Calendar API from ServiceNow.

The scenario you describe: "authenticate inbound REST API request (Table API) using OAuth from a Third-party provider" is not strictly possible. ServiceNow must generate the tokens used by external apps.

Starting with Istanbul, ServiceNow supports inbound Auth Code Grant Flow which gives you more flexibility and may be closer to what you're looking for. Using ACGF, users are redirected to the ServiceNow UI to authorize the request. If there is a 3rd party SSO provider configured, they will be redirected to that SSO provider to log in and redirected back to ServiceNow to authorize the flow. This means the external app is never aware of the username/password, only the token retrieved upon completing the authorization flow.

I've written a few blog posts about using Auth Code Grant Flow in Istanbul:

Inbound OAuth Auth Code Grant Flow Part 1 - Getting Started with Postman

Inbound OAuth Auth Code Grant Flow Part 2 - Using OAuth and Passport.js in a Node.js/Express Web App

I realize these do not directly address your current use case, but take a look and see if this sort of functionality will meet your needs. The challenge for you is that Istanbul is required.