Restful API - OAuth grant_type password - 401 - User Not Authenticated error
06-23-2022 06:44 AM
I have configured OAuth with grant_type password in Production and all is working well. I have restored Production to Dev and am now attempting to get the same programmatic access to the dev instance, but it's not working. I have no idea why. I get 401 on dev, but not on prod.
Steps:
1) Request token
POST https://{instance}.service-now.com/oauth_token.do
Content-Type: application/x-www-form-urlencoded

grant_type=password
&client_id={client_id}
&client_secret={client_secret}
&username={username}
&password={password}

2) Get data from tables
GET https://{instance}.service-now.com/api/now/table/cmdb_ci_business_app?sysparm_limit=10
Accept: application/json
Authorization: Bearer {token from previous step}

HTTP/1.1 401 Unauthorized
{"error":{"message":"User Not Authenticated","detail":"Required to provide Auth information"},"status":"failure"}

GET https://{instance}.service-now.com/api/now/table/cmdb_ci_business_app?sysparm_limit=10
Authorization: Basic {base64encoded username/password}

Error | iss claim is required to authenticate with an id_token: no thrown error | com.glide.ui.ServletErrorListener |
Error | Exception while decoding JWT. Invalid JWT serialization: Missing dot delimiter(s): no thrown error | com.glide.ui.ServletErrorListener |
Error | Exception while decoding JWT. Invalid JWT serialization: Missing dot delimiter(s): no thrown error | com.glide.ui.ServletErrorListener |

Any ideas of where to look next?
One thing I've noticed is that the token from dev has more non-alpha characters such as / + == and the prod one only has - and _. Should I encode the token before sending the request?
e.g. of dev token: AAAAAAA/BBBBBB+cc+DDDDDDDDDDD+EEEEEE==
e.g. of Prod token: AAAAAAAAAAAAAAA-BBBBBBBBBB_CCCCCC

06-25-2022 02:25 PM
HZ,
I was able to replicate your issue, I think you are presenting the refresh_token and not the access_token as the Bearer value when making the GET request.
Hope this helps,
Richard
06-28-2022 08:07 AM
I double checked and I don't think that's the case.
In response to the token request I get this:
{
"access_token": "ABCDE",
"refresh_token": "123456",
"scope": "useraccount",
"token_type": "Bearer",
"expires_in": 1799
}
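
Added example, not part of the thread and not ServiceNow's own code: the two steps from the first post built as Python request objects (nothing is sent), taking `access_token` rather than `refresh_token` from a response shaped like the one above. The instance name `dev00000`, the credentials and the sample token are constructed placeholders; the token check follows the `b64token` grammar of RFC 6750 section 2.1, under which `+`, `/` and trailing `=` are legal in the `Authorization` header as-is, while values in the form body are percent-encoded.

```python
import json
import re
from urllib.parse import urlencode
from urllib.request import Request

# RFC 6750 section 2.1 b64token: "+", "/" and trailing "=" are valid unencoded.
B64TOKEN = re.compile(r"^[A-Za-z0-9\-._~+/]+=*$")

def build_token_request(instance, client_id, client_secret, username, password):
    """Step 1: form-encoded POST to oauth_token.do (built, not sent)."""
    body = urlencode({            # percent-encodes +, /, =, & inside values
        "grant_type": "password",
        "client_id": client_id,
        "client_secret": client_secret,
        "username": username,
        "password": password,
    }).encode("ascii")
    return Request(
        f"https://{instance}.service-now.com/oauth_token.do",
        data=body,
        headers={"Content-Type": "application/x-www-form-urlencoded"},
        method="POST",
    )

def bearer_header(token_response_text):
    """Pick access_token (never refresh_token) and return the header value."""
    resp = json.loads(token_response_text)
    if resp.get("token_type", "").lower() != "bearer":
        raise ValueError("unexpected token_type")
    token = resp["access_token"]
    if not B64TOKEN.match(token):
        raise ValueError("access_token is not a valid b64token")
    return "Bearer " + token      # header carries the token verbatim

def build_table_request(instance, table, header_value, limit=10):
    """Step 2: Table API GET carrying the bearer token (built, not sent)."""
    url = f"https://{instance}.service-now.com/api/now/table/{table}?sysparm_limit={limit}"
    return Request(url, headers={"Accept": "application/json",
                                 "Authorization": header_value})

# Constructed sample: response shape and dev-style token as quoted in the thread.
SAMPLE = json.dumps({
    "access_token": "AAAAAAA/BBBBBB+cc+DDDDDDDDDDD+EEEEEE==",
    "refresh_token": "123456", "scope": "useraccount",
    "token_type": "Bearer", "expires_in": 1799,
})
```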
02-10-2023 08:25 AM
Hi, did you ever manage to work out what the issue was?