Inbound REST fails with Basic Auth

magnushedlu · ‎02-19-2025

Hi,

We have a business need to have an inbound REST integration from an external system that only supports passing credentials as basic auth.

I have set up a local web service user and set the psw. The user has the rest service role as well as ITIL to be able to read/write on Incident table.

When trying this from Postman I get ”401: UnAuthenticated (Request does not provide proper credentials.)”.

I don’t understand why I get this as I have checked and double checked the user id and psw.

We have other integrations set up and working but using OAuth or api keys. But Basic gives me the cold hand.

What have I missed? Do I need to activate anything or configure our SSO in some way so it allows local users? Or do I need a api policy etc set up for basic auth?

magnushedlu · ‎02-22-2025

So I found the issue and it was my own doing 🙂

I had put in a API policy allowing API key without understanding that I then also need to have a corresponding one for basic auth to not have that blocked.

View solution in original post

magnushedlu · ‎02-19-2025

I just found that CSRF settings might interfere with basic auth according to this article, https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0565021

I guess that could be it?

And unfortunately the external system (using a preconfigured connector) doesn’t support any configurations.

thomaskennedy · ‎02-19-2025

You have checked everything I can think of. I would check that the user does not have snc_external, then set up a simple scripted rest api and hit that instead, and see what happens.

magnushedlu · ‎02-22-2025

So I found the issue and it was my own doing 🙂

I had put in a API policy allowing API key without understanding that I then also need to have a corresponding one for basic auth to not have that blocked.