OAuth 2.0 Client Credentials works in Postman but not from ServiceNow-to-ServiceNow (401 error)

Go to solution
dd31
Tera Contributor

yesterday - last edited 8 hours ago

Hi all,
 

I followed all the steps to set up OAuth 2.0 Client Credentials for a ServiceNow-to-ServiceNow integration:

  1. In Instance A (target), created an OAuth Provider (Application Registry) with Client ID, Client Secret, and Redirect URL. Associated a user (with admin role) under OAuth application user.

  2. In Instance B (caller), created an Application Registry to consume Instance A’s credentials (client id, secret, token URL, grant type = Client Credentials).

  3. In Instance B, created a REST Message pointing to Instance A’s Table API, set Authentication type = OAuth 2.0

  4. Clicked on Get OAuth Token — token is generated successfully.

  5. But when I test the HTTP method (GET) in the REST Message, I get:

401 User Not Authenticated - Required to provide Auth information

 

0 Helpfuls
  • 478 Views
1 ACCEPTED SOLUTION

Go to solution
VikMach
Mega Sage
In response to dd31

3 hours ago - last edited 3 hours ago

@dd31, Ok. I achieved that also without using UserID and Password.
Step 1)
All that you need to do is, in your Target Instance from where you got your Client ID and Secret, ensure the "Default Grant type" is set to "Client Credentials" and "OAuth Application User" as your Rest User profile with right level of API access/roles. Like example below.
I gave my Rest User service account "snc_platform_rest_api_access" role. It allows access to Rest APIs:
- Table API
- Import Set API
- Aggregate API
- Attachment API

 

VikMach_0-1757074901800.png



Step 2) In your source instance, from where you're calling the target instance for Token(s), ensure to set "Grant type" in your OAuth Entity Profile as "Client Credentials".
Save the record and go to your REST Message record and click on "Get OAuth Token" related link. It will auto fetch the "Access token" and "Refresh token".

I just tried and it worked for me!

Let me know if any issues.

Regards,
Vikas K

View solution in original post

0 Helpfuls
12 REPLIES 12

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron

yesterday

@dd31 

share the script you are using.

It should work fine

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls

Go to solution
dd31
Tera Contributor
In response to Ankur Bawiskar

yesterday

hi @Ankur Bawiskar 

I have created a simple REST message using OAuth 2.0 for authentication and the GET HTTP method, targeting the table API of target ServiceNow instance. When I click 'Get OAuth Token,' it retrieves the token successfully, but when I click 'Test' under Related Links, it returns this message: {"error":{"message":"User Not Authenticated","detail":"Required to provide Auth information"},"status":"failure"} Method failed: (/api/now/table/sys_user) with code: 401 - Invalid username/password combo

0 Helpfuls

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron
In response to dd31

yesterday

@dd31 

how it behaves when you run background script?

you should first get access token and then use that in actual API call.

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls

Go to solution
dd31
Tera Contributor
In response to Ankur Bawiskar

yesterday 

var clientId = "****";
var clientSecret = "**"; 
var tokenUrl = "https://*****.service-now.com/oauth_token.do";

var tokenRequest = new sn_ws.RESTMessageV2();
tokenRequest.setHttpMethod("post");
tokenRequest.setEndpoint(tokenUrl);
tokenRequest.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");

var tokenBody = "grant_type=client_credentials"
+ "&client_id=" + encodeURIComponent(clientId)
+ "&client_secret=" + encodeURIComponent(clientSecret);

tokenRequest.setRequestBody(tokenBody);

var tokenResponse = tokenRequest.execute();
var tokenStatus = tokenResponse.getStatusCode();
var tokenBodyResp = tokenResponse.getBody();

gs.info("Token Status: " + tokenStatus);
gs.info("Token Response: " + tokenBodyResp);

// Parse access token
var tokenJson = JSON.parse(tokenBodyResp);
var accessToken = tokenJson.access_token;
gs.info("Access Token: " + accessToken);

var apiUrl = "https://****.service-now.com/api/now/table/sys_user?sysparm_limit=5";
var apiRequest = new sn_ws.RESTMessageV2();
apiRequest.setHttpMethod("get");
apiRequest.setEndpoint(apiUrl);

apiRequest.setRequestHeader("Authorization", "Bearer " + accessToken);
apiRequest.setRequestHeader("Accept", "application/json");

var apiResponse = apiRequest.execute();
var apiStatus = apiResponse.getStatusCode();
var apiBody = apiResponse.getBody();

gs.info("API Status: " + apiStatus);
gs.info("API Response: " + apiBody);
gs.info("API Error Message: " + apiResponse.getErrorMessage());

Although i am able to retrieve the access token, but when i hit the main table api, i am getting exactly same error in background script, i tried on 2 of my personal PDIs, there also i am facing a similar issue.

0 Helpfuls