How to Setup MFA or OAUTH for API Endpoints when accessing through BROWSER?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-09-2022 08:23 PM
Hello,
Accessing any of API Endpoints prompt for "Basic Authentication" when accessed using a web browser. I understand that API endpoints are used during integration with 2 systems. But incase if user tries to access the URL, we would like setup login thorough MFA or OAUTH.
Please let us know is there a way which we can achieve it?
Example: Below is the picture when trying to access the API through a browser, we are being asked to login through basic authentication
Regards,
Vasanth
- Labels:
-
Platform and Cloud Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-09-2022 10:50 PM
Hi, I would think that would be correct behaviour as user access to the platform via an API without authentication would be a serious security risk. Also I don't see '/api/now/ui' as a documented API, perhaps you could clarify your intentions and business drivers\requirements.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-14-2022 05:20 PM
Hi
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-14-2022 05:36 PM
Hi, sorry but I don't understand the context of your response, any URL copied into a browser should result in an authentication\process based on your 'user' access to the platform (unless the url is flagged a public), so if you want to use MFA for access to your instance then you need to configure it for MFA
Authentication (servicenow.com)
Perhaps you need to update your API access so that Oauth is used instead of basic?
Enable OAuth with inbound REST (servicenow.com)
