Configuring an API Key for an Outbound REST Message

simulationelson · ‎03-20-2016

I'm new to ServiceNow and currently trying to configure an outgoing REST message for the first time. I'm checking out https://currency-exchange.p.mashape.com/exchange and have already obtained my API key. The problem is, how will I configure the API key, when in the Outbound > REST Message module you can only configure either Basic or OAuth 2.0 for the authentication? Or am I missing something here?

{"message":"Missing Mashape application key. Go to http:\/\/docs.mashape.com\/api-keys to learn how to get your API application key."}

tony_barratt · ‎03-20-2016

Hi Nelson,

Is the far end expecting the api token in the header?

You can set name-value pairs in the header.

RESTMessageV2 - setRequestHeader(String name, String value)

Best Regards

Tony

View solution in original post

tony_barratt · ‎03-20-2016

Hi Nelson,

Is the far end expecting the api token in the header?

You can set name-value pairs in the header.

RESTMessageV2 - setRequestHeader(String name, String value)

Best Regards

Tony

craigsnowadmin2 · ‎03-25-2016

So is this different than using the Oauth and basic authentication? why does it have to RESTMessageV2 ,can standard REST messageauthentication cannot be used in geneva? does this work for post method also? is using API Key better than Oauth2.0 or basic authentication for Rest outbound?

tony_barratt · ‎03-25-2016

Hi Craig,

Good questions..

-> So is this different than using the Oauth and basic authentication?

yes

-> why does it have to RESTMessageV2

I mentioned RESTMessageV2 as this is available in Fuji and Geneva - I am actually not clear on what is required for the Mashape api,

(although I realize now it does explain here)

Mashape Docs - Retrieving and Managing API Keys on Mashape

-> can standard REST message authentication be used in geneva?

yes

Outbound REST authentication

-> does this work for post method also?

yes

REST message elements

->is using API Key better than Oauth2.0 or basic authentication for Rest outbound

In this case it seems it is the far end requiring an API key to be used so in that sense it is better.

Best Regards

Tony

tony_barratt · ‎03-25-2016

Hi Nelson,

I just looked through the mashape docs, I am not clear on how it all hangs together but there is a hint here that the far end does want the api key that you have passed in the header.

Mashape Docs - Frequently Asked Questions

..

10. What is a Mashape authorization key?

To authenticate your application with Mashape, you are required to pass a Mashape key in an API call header.

Each account comes by default with a "Default Application", each application is a box that can contain APIs that you wish to consume together or separately.

Each Application also comes with a pair of Mashape keys.

Testing Key
Production Key

These keys are used to authenticate your requests when consuming APIs. Treat them as your passwords. If a malicious users gets ahold of your keys he/she could perform requests on your behalf, You can imagine how annoying that could be for you.

You can view keys in the Mashape dashboard, after clicking on your Application. By default this is "Default Application". Just click "Get the Keys" to display them. More importantly, be aware that you can re-generate Mashape keys in the eventuality they might have been compromised.

How are you getting on?

Any progress?

Best Regards

Tony