02-11-2025 05:37 AM
We have a requirement where the vendor needs mTLS + OAuth JWT assertion to generate an access token.
> We have generated a custom cert using a Java keystore in our midtier (the ServiceNow-provided cert is not acceptable for the vendor due to wild characters in the common name) and imported the keystore in the ServiceNow Certificates folder. We also imported the vendor PEM cert in the Certificates folder.
> Created protocol.
> Created JWT key entry with reference to the keystore created above. Algorithm used: RSA 256. Vendor is using HS256.
> Created JWT Provider entry with claims provided by the vendor.
> Created OAuth application registry entry with JWT bearer as grant type and also enabled the mutual authentication flag.
When trying to generate the token, we get the error below.
the request is missing a required parameter, includes an unsupported parameter value (other than grant type),repeats a parameter, includes multiple credentials,utilizes more than one mechanism for authenticating the client, or is otherwise malformed.
02-23-2025 09:37 PM
Hi Srikanth,
The KB is helpful. We were able to establish the connection already with the steps below.
> Created custom DNS and redirect to the ServiceNow instance. Created a custom URL for the instance by installing a plugin (not sure whether this step is needed, but created as part of one of the resolutions provided related to the certificate issue).
> Installed jks file with custom cert signed CA authority and trust source cert by vendor in Certificates folder.
> Created Protocol for keystore created.
> Created JWT key entry with client secret as signing key (HMAC 256) provided by Vendor.
> Created JWT provider with reference to JWT Key created above.
> Created REST message with mutual authentication flag enabled with reference to the protocol profile, and created HTTP methods for accessing token and resources.
> HTTP methods inherit mutual trust from the REST message, and their HTTP headers and content parameter variables get their values from Flow Designer custom action scripts (JWT assertion, JWT Token and Payloads, uuid (v4 style)).
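
An added example, not part of the posts above and not ServiceNow's own code: a Node.js sketch of the kind of assertion these steps describe (HS256, signed with the shared client secret, `jti` set to a v4 UUID), with a verifier that pins HS256 and therefore rejects a token whose header says RS256. The claim names, URL, client id and secret are constructed assumptions; the thread does not list the vendor's actual claims.

```javascript
// Added example: all names and values here are hypothetical, not taken from the thread.
const crypto = require('node:crypto');

const b64url = (text) => Buffer.from(text).toString('base64url');
const hmac = (secret, data) => crypto.createHmac('sha256', secret).update(data).digest();

// Build an HS256 JWT assertion; jti is a fresh v4 UUID so each assertion is single-use.
function buildAssertion(secret, { clientId, tokenUrl, now = Math.floor(Date.now() / 1000), ttl = 300 }) {
  const header = { alg: 'HS256', typ: 'JWT' };
  const claims = {
    iss: clientId, sub: clientId, aud: tokenUrl,   // assumed claim set
    iat: now, exp: now + ttl,
    jti: crypto.randomUUID(),
  };
  const signingInput = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  return `${signingInput}.${hmac(secret, signingInput).toString('base64url')}`;
}

// Verify the way a receiver expecting HS256 would: pin the algorithm before
// checking the signature, then check audience and expiry.
function verifyAssertion(token, secret, { audience, now = Math.floor(Date.now() / 1000) }) {
  const parts = token.split('.');
  if (parts.length !== 3) return { ok: false, reason: 'malformed' };
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(parts[0], 'base64url').toString('utf8'));
    claims = JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
  } catch {
    return { ok: false, reason: 'malformed' };
  }
  if (header.alg !== 'HS256') return { ok: false, reason: `unexpected alg ${header.alg}` };
  const expected = hmac(secret, `${parts[0]}.${parts[1]}`);
  const given = Buffer.from(parts[2], 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    return { ok: false, reason: 'bad signature' };
  }
  if (claims.aud !== audience) return { ok: false, reason: 'wrong audience' };
  if (typeof claims.exp !== 'number' || claims.exp <= now) return { ok: false, reason: 'expired' };
  return { ok: true, claims };
}

// Constructed sample values for a stand-alone run.
const SAMPLE = { clientId: 'client-123', tokenUrl: 'https://vendor.example/oauth/token' };
const sampleToken = buildAssertion('constructed-shared-secret', SAMPLE);
console.log(verifyAssertion(sampleToken, 'constructed-shared-secret', { audience: SAMPLE.tokenUrl }).ok);
```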
02-18-2025 04:02 PM - edited 02-24-2025 09:26 AM
Hi Venkata Krishna,
Yes, JWT OAuth 2.0 + mTLS is supported.
The following KB article -