Automating OAuth 2.0 (Authorization Code Flow) for ServiceNow–Snowflake Integration
yesterday
Hi,
We recently implemented an integration between ServiceNow and Snowflake using OAuth 2.0 (Authorization Code grant). The setup included configuring all required parameters such as Client ID, Client Secret, Authorization URL, Token URL, and Redirect URL.
The configuration worked as expected initially. However, when attempting to retrieve the OAuth token, the system consistently prompted for user credentials. Since the account is protected with MFA, manual authentication became a required step each time.
The Challenge
- The Authorization Code flow is interactive by design, requiring user login and MFA validation.
- The generated access token expires within minutes/hours, making it unsuitable for long-running or scheduled processes.
- Although a refresh token is available with a longer validity (months), the initial authentication dependency creates a barrier for automation.
- As a result, executing APIs from Data Sources or Scheduled Jobs in ServiceNow becomes difficult without manual intervention.
How can we automate API execution in ServiceNow without requiring repeated user authentication?
yesterday
Change the grant type to Client Credentials instead of Authorization Code.
It needs the Token URL, client ID, and secret in place. It will work.
Client Credentials:
- Best for: Machine-to-machine/system-to-system integration, service accounts, or automated background scripts.
Refer: https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1645212
yesterday
Hi Naveen,
You can use the below to bypass manual logins:
OAuth 2.0 Client Credentials Grant:
- This is the preferred method for secure, machine-to-machine authentication.
- It uses a Client ID and Client Secret to request an access token from the /oauth_token.do endpoint.
- The external system includes this token in the Authorization: Bearer header for all subsequent API calls until it expires.
Please mark as helpful and correct if it helps.
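
The client credentials exchange described in the replies above, as an added example that is not part of any post in this thread: a token cache that requests a token with the Client ID and Client Secret, reuses it until shortly before expiry, and builds the `Authorization: Bearer` header. The names `TokenCache`, `post` and `now` are hypothetical; `post` is an injected synchronous transport standing in for the platform's outbound HTTP client, and sending the credentials in the form body is an assumption about what the token endpoint accepts.

```javascript
// Added example. TokenCache, post and now are hypothetical names.
// post(url, headers, body) -> { status, body } stands in for the real HTTP client.
function TokenCache(cfg, post, now) {
  this.cfg = cfg;                 // { tokenUrl, clientId, clientSecret }
  this.post = post;
  this.now = now || function () { return Date.now(); };
  this.token = null;
  this.expiresAt = 0;             // epoch milliseconds
}

// Client credentials request: form-encoded, no user login or MFA step involved.
TokenCache.prototype.buildRequest = function () {
  var enc = encodeURIComponent;   // secrets may contain '&', '=', spaces
  return {
    url: this.cfg.tokenUrl,
    headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
    body: 'grant_type=client_credentials' +
          '&client_id=' + enc(this.cfg.clientId) +
          '&client_secret=' + enc(this.cfg.clientSecret)
  };
};

// Return the cached token, or request a new one 60 s before it expires.
TokenCache.prototype.getToken = function () {
  if (this.token && this.now() < this.expiresAt - 60000) return this.token;
  this.token = null;
  var req = this.buildRequest();
  var res = this.post(req.url, req.headers, req.body);
  if (res.status !== 200) {
    // Report only the status: the request body holds the client secret.
    throw new Error('token request failed with HTTP ' + res.status);
  }
  var data = JSON.parse(res.body);
  if (!data.access_token) throw new Error('token response has no access_token');
  // A missing expires_in gives a TTL of 0, so the token is never reused.
  var ttl = data.expires_in > 0 ? data.expires_in : 0;
  this.token = data.access_token;
  this.expiresAt = this.now() + ttl * 1000;
  return this.token;
};

// Header for subsequent API calls.
TokenCache.prototype.authHeader = function () {
  return { Authorization: 'Bearer ' + this.getToken() };
};
```

Keep the client secret in the platform's credential store rather than in the script, and scope the client to the minimum roles the scheduled job needs.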
