Want to get bearer token to connect to API

cloudv · ‎10-01-2024

Hi i want to get bearer token by providing client id and client secret to then connect the third party API.

In postman i can provide end point, client_id and client_secret(in headers) and get the following

{

"access_token": "XXXXX",

"scope": "XXXX",

"token_type": "Bearer",

"expires_in": 2500

}

I want to replicate the same via a script include or any script in the servicenow, so far i tried this to test in background script

var request = new sn_ws.RESTMessageV2();

request.setEndpoint("https://openapi.service.TEST.net/v1/token");

request.setHttpMethod("GET");

request.setQueryParameter("Content-Type", "application/json");

request.setRequestHeader("client_id","XXXX");

request.setRequestHeader("client_secret","XXXX");

var response = request.execute();

gs.print(response.getBody());

But the response i get is

"requested resource not found"

Rajesh Chopade1 · ‎10-01-2024

hi @cloudv

you need to make a POST request instead of a GET request, as most OAuth 2.0 token endpoints require the token request to be sent as a POST. Additionally, the client_id & client_secret are typically included in the body of the request rather than as headers.

Following is sample script to obtain 'Bearer token' (you can utilize it in background script / script include)

(function() {
    var request = new sn_ws.RESTMessageV2();
    request.setEndpoint("https://openapi.service.TEST.net/v1/token");
    request.setHttpMethod("POST"); // Use POST instead of GET
    request.setRequestHeader("Content-Type", "application/json");

    // Set the body of the request with client_id and client_secret
    var requestBody = {
        "client_id": "YOUR_CLIENT_ID",
        "client_secret": "YOUR_CLIENT_SECRET"
    };
    request.setRequestBody(JSON.stringify(requestBody));

    // Execute the request
    var response = request.execute();
    
    // Check the response
    var statusCode = response.getStatusCode();
    var responseBody = response.getBody();

    gs.print("Status Code: " + statusCode);
    gs.print("Response Body: " + responseBody);

    // If needed, you can parse the response
    if (statusCode == 200) {
        var jsonResponse = JSON.parse(responseBody);
        gs.print("Access Token: " + jsonResponse.access_token);
    } else {
        gs.print("Error: " + responseBody);
    }
})();

i hope my answer helps you to resolve your issue, if yes please mark my answer helpful and correct.

thank you

rajesh

cloudv · ‎10-01-2024

Hi @Rajesh Chopade1 , I get the following error code

{"error":"bad request","description":"invalid value, field: grant_type, constraint: required"}

Rajesh Chopade1 · ‎10-01-2024

hi @cloudv

As per the error we need to include the grant_type in your request body.

Replace

// Set the body of the request with client_id and client_secret
    var requestBody = {
        "client_id": "YOUR_CLIENT_ID",
        "client_secret": "YOUR_CLIENT_SECRET"
    };

with

// Set the body of the request with client_id, client_secret, and grant_type
    var requestBody = {
        "client_id": "YOUR_CLIENT_ID",
        "client_secret": "YOUR_CLIENT_SECRET",
        "grant_type": "client_credentials" // Add the grant_type
    };

Kieran Anson · ‎10-01-2024

You shouldn't need to do this manually, instead you can create an application registry, add in the details such as client ID, secret, and URL. You can then use that application registry in future API calls.