REST API Integration with 3rd party - 401 Error

Priyanka Gupta · ‎12-05-2018

Hi everyone,

I am trying to connect to 3rd party system using Outbound REST API. I wanted to understand what am I doing wrong in the authentication.

Endpoint is the GET API I am trying to refer-

http://*********************/tfs/*************/_apis/wit/workitems/116536?api-version=3.2

I am selecting the Authentication as Basic with my 3rd party userName and password. Our 3rd party server is on premise and we use our network credentials to login to that system. The network credentials are the username and password I have fed here.

I am also sending Authorization header in the request as -

The GET and POST APIs are working fine in Fiddler.

Here's a screenshot of the Test-

Any suggestions would be helpful.

Thanks,

Priyanka

Priyanka Gupta · ‎12-06-2018

For all those who are running into the same issue as me,

You can either perform authentication through the Basic Auth/ Outh2.0 methods available on the REST API form, or you can send an Authorization header in the request. Doing both will not help you.

For the solution of this problem, I set my Authorization header as-

Authorization : Basic <myTokenHere>

Note- Your Authorization header can be different from mine depending upon the 3rd party system's API. My 3rd party was TFS.

and I set the Authentication to 'No Authentication'

This basically allowed my API to authenticate through token instead of the username and password specified in Basic Auth Profile.

Happy coding,

Priyanka

View solution in original post

AshishKM · ‎12-05-2018

Hi,

Please check if you can access the same in Postman and this 3rd party APIs are published for external use.

If 3rd party API are in secure zone, better to use any external API gateway to publish it and that published URL will be accessible from ServiceNow.

If you are using Basic Auth,please check if you need any service account to access.

A '401 Unauthorized Error' indicates that the requested resource is restricted and requires authentication, but the client failed to provide any such authentication.

Thanks

Ashish

Please mark this response as correct and helpful if it helps you can mark more that one reply as accepted solution

Priyanka Gupta · ‎12-05-2018

Hi Ashish,

As I said in my question, I am able to access both GET and POST using Fiddler, another REST API client as Postman.

My 3rd party is on premise and so is in the same domain as MID Server.

I have admin access on both the systems and I am using my credentials for testing purposes.

Am I missing anything?

Regards,

Priyanka

ARG645 · ‎12-05-2018

Did you set the MidServer for the API call ??

Coleton · ‎12-05-2018

I see that the MID server has been blocked out in the image, but it doesn't look like anything is there to begin with. Good question, I was thinking the same thing.