question Configuring an API Key for an Outbound REST Message in ServiceNow AI Platform forum

Configuring an API Key for an Outbound REST Message

simulationelson — Mon, 21 Mar 2016 03:35:10 GMT

I'm new to ServiceNow and currently trying to configure an outgoing REST message for the first time. I'm checking out https://currency-exchange.p.mashape.com/exchange and have already obtained my API key. The problem is, how will I configure the API key, when in the Outbound > REST Message module you can only configure either Basic or OAuth 2.0 for the authentication? Or am I missing something here?

{"message":"Missing Mashape application key. Go to http:\/\/docs.mashape.com\/api-keys to learn how to get your API application key."}

Re: Configuring an API Key for an Outbound REST Message

tony_barratt — Mon, 21 Mar 2016 06:40:27 GMT

Hi Nelson,

Is the far end expecting the api token in the header?

You can set name-value pairs in the header.

RESTMessageV2 - setRequestHeader(String name, String value)

Best Regards

Tony

Re: Configuring an API Key for an Outbound REST Message

craigsnowadmin2 — Fri, 25 Mar 2016 14:26:25 GMT

So is this different than using the Oauth and basic authentication? why does it have to RESTMessageV2 ,can standard REST messageauthentication cannot be used in geneva? does this work for post method also? is using API Key better than Oauth2.0 or basic authentication for Rest outbound?

Re: Configuring an API Key for an Outbound REST Message

tony_barratt — Fri, 25 Mar 2016 21:11:21 GMT

Hi Craig,

Good questions..

-> So is this different than using the Oauth and basic authentication?

yes

-> why does it have to RESTMessageV2

I mentioned RESTMessageV2 as this is available in Fuji and Geneva - I am actually not clear on what is required for the Mashape api,

(although I realize now it does explain here)

Mashape Docs - Retrieving and Managing API Keys on Mashape

-> can standard REST message authentication be used in geneva?

yes

Outbound REST authentication

-> does this work for post method also?

yes

REST message elements

->is using API Key better than Oauth2.0 or basic authentication for Rest outbound

In this case it seems it is the far end requiring an API key to be used so in that sense it is better.

Best Regards

Tony

Re: Configuring an API Key for an Outbound REST Message

tony_barratt — Fri, 25 Mar 2016 21:25:44 GMT

Hi Nelson,

I just looked through the mashape docs, I am not clear on how it all hangs together but there is a hint here that the far end does want the api key that you have passed in the header.

Mashape Docs - Frequently Asked Questions

10. What is a Mashape authorization key?

To authenticate your application with Mashape, you are required to pass a Mashape key in an API call header.

Each account comes by default with a "Default Application", each application is a box that can contain APIs that you wish to consume together or separately.

Each Application also comes with a pair of Mashape keys.

Testing Key
Production Key

These keys are used to authenticate your requests when consuming APIs. Treat them as your passwords. If a malicious users gets ahold of your keys he/she could perform requests on your behalf, You can imagine how annoying that could be for you.

You can view keys in the Mashape dashboard, after clicking on your Application. By default this is "Default Application". Just click "Get the Keys" to display them. More importantly, be aware that you can re-generate Mashape keys in the eventuality they might have been compromised.

How are you getting on?

Any progress?

Best Regards

Tony

Re: Configuring an API Key for an Outbound REST Message

simulationelson — Mon, 28 Mar 2016 07:37:39 GMT

Hello Tony,

My apologies for the late reply. I came across the Mashape Docs - Authentication Settings and found out that the API key can be used as a parameter. I then looked up another API which returns a list instead of a value and it works:

https://mashape-community-urban-dictionary.p.mashape.com/define?mashape-key=<API key>&term=lol

In the Outbound > REST Message module as the get method this would translate to:

Endpoint: https://mashape-community-urban-dictionary.p.mashape.com/define

HTTP Headers:

Name: Accept Value: text/plain

Name: X-Mashape-Key Value: <API key>

HTTP Query Parameters:

Name: term Value: lol

I haven't gone as far as the actual scripting part just yet but this already proves your first answer was correct; The API key just needs to be set in the header.

Thanks!

Re: Configuring an API Key for an Outbound REST Message

tony_barratt — Mon, 28 Mar 2016 07:56:35 GMT

Hi Nelson,

That is excellent news!

Consider marking the question as answered so Community members can benefit from your investigation.

Best Regards

Tony

Re: Configuring an API Key for an Outbound REST Message

Tharun Neeli — Thu, 13 Feb 2020 09:16:38 GMT

Thanks @tony.barratt this works for us when we don't have "Basic Auth" OR "OAuth 2.0" and we have only API token to access, adding to header would be a better solution.