Create an OAuth API Endpoint for External Clients

mdshahvez11 · Sunday

Hello @Everyone,

I recently came across the option “Create an OAuth API endpoint for external clients” under Application Registry and wanted to understand it better.

In my earlier integrations, I have used “Connect to a third-party OAuth Provider”, where:

I register the ServiceNow application in the target application.
The target application provides a Client ID and Client Secret.
These credentials are then configured in the ServiceNow -> Application Registry.
After that, a consent popup appears which we approve to establish the connection.

However, with “Create an OAuth API endpoint for external clients”, I have a few questions:

1. If the requirement is to fetch data from a target application, why do we create an OAuth endpoint for an external client?
Why can’t we directly use Connect to a third-party OAuth Provider in this case?

2. When using “Create an OAuth API endpoint for external clients”, how does the data flow work?

How do we receive data from the target application?
Do we need to create custom actions or Scripted REST APIs to consume the target application’s APIs?
How are connections and credentials configured in this approach?

Please let me know if my understanding is correct or if I’m missing something.

Thanks in advance.

Ankur Bawiskar · yesterday

@mdshahvez11

both the items you highlighted are for different purpose

1st is used -> when ServiceNow is the provider and 3rd party wants to use OAuth to connect to instance

2nd is used -> when ServiceNow is the consumer and 3rd party wants you to use OAuth to connect to their API

💡 If my response helped, please mark it as correct ✅ and close the thread 🔒— this helps future readers find the solution faster! 🙏

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader

Sandesh Powar · yesterday

Connect to a third-party OAuth Provider is used when ServiceNow needs to call another application and get data from it. In this case, ServiceNow acts as the OAuth client.

Create an OAuth API endpoint for external clients is used when another application needs to call ServiceNow APIs. Here, ServiceNow acts as the OAuth server and issues access tokens.

If your requirement is to fetch data from a target application, you should use Connect to a third-party OAuth Provider, not the OAuth endpoint for external clients.

With Create an OAuth API endpoint for external clients, the external system authenticates with ServiceNow and then calls ServiceNow APIs (Table API, Scripted REST, Import Sets, etc.).

OAuth only handles authentication; any data processing or logic still needs to be done using APIs, Scripted REST, or Flows.

If my response helped, please mark it as correct ✅and close the thread 🔒— this helps future readers find the solution faster! 🙏

Regards,

Sandesh

Ankur Bawiskar · 4 hours ago

@mdshahvez11

Hope you are doing good.

Did my reply answer your question?

💡 If my response helped, please mark it as correct ✅ and close the thread 🔒— this helps future readers find the solution faster! 🙏

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader

SohamTipnis · 22 hours ago

Hi @mdshahvez11 ,

Why create an OAuth endpoint for external clients?
- You create an OAuth endpoint to allow external apps to securely access your ServiceNow APIs. This is for managing OAuth tokens for external clients.
How do data flow and configuration work?
- External clients authenticate via the OAuth endpoint, and you may need to create scripted REST APIs or custom actions to handle the data. Credentials (client ID, secret) are configured in ServiceNow's OAuth application registry. Let me know if this helps you.

If you find my answer useful, please mark it as Helpful and Correct ‌‌😊

Regards,

Soham Tipnis

ServiceNow Developer || Technical Consultant
LinkedIn: www.linkedin.com/in/sohamtipnis10