Server_error when trying OAuth for grant_type=client_credentials. How do I fix this?

Charles Q
Kilo Contributor

‎02-12-2021 01:54 PM

I am trying to Integration the tool Target Process to ServiceNow. I have created an oauth entry under Application Registry, "Create an OAuth API endpoint for external clients," to connect Target Process to ServiceNow.

Now, I am trying to create an automation rule in Target Process to call a SNOW API and write data. The Snow Scripted REST API ==> WORKS GREAT. Coded, tested, using API Explorer.

In Target Process this is a section of my javascript to get the token from SNOW:

const url = 'https://INSTANCE.service-now.com/oauth_token.do'

const tokenResponse = await http.postAsync(url, {
headers: {
'Content-Type': 'application/x-www-form-urlencoded'
},
body: `client_id=${encodeURIComponent(clientId)}&client_secret=${encodeURIComponent(clientSecret)}&grant_type=client_credentials`
})

const tokenResponseObj = JSON.parse(tokenResponse)
const access_token = tokenResponseObj.access_token

await http.postAsync('https://INSTANCE.service-now.com/api/cherp/target_process/gtpd', {
headers: {
'Authorization': `Bearer ${access_token}`
},
body: data
})
 
I get the error:
{
    "error_description": "access_denied",
    "error": "server_error"
}
 
I also get the same response trying in a tool like postman. What am I doing wrong?
 
Thanks,
Charles
Labels:
0 Helpfuls
  • 3,742 Views
3 REPLIES 3

Ankur Bawiskar
Tera Patron

‎02-12-2021 11:21 PM

@Charles Q 

Are you sending the required data in the header and the body to get the OAuth access token

refer my blog for steps on how to get it from postman. Similar thing can be done from external application

OAuth 2.0 with Inbound REST

Regards
Ankur

Regards,
Ankur
Certified Technical Architect  ||  10x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls

Charles Q
Kilo Contributor
In response to Ankur Bawiskar

‎02-15-2021 07:24 AM

@Ankur Bawiskar , thank you for that link, it was quite informative. If I read what you are saying correctly:

  1. Client Credentials is not a valid choice in ServiceNow.
  2. I still need to code the username and password in order to get the token.
    1. In the application, Target Process, I cannot mask the user name or password, which is not desired.

Is there anything else I could look at? Or am I missing something?

Thanks,

Charles

 

 

0 Helpfuls

Ankur Bawiskar
Tera Patron
In response to Charles Q

‎02-15-2021 07:34 AM

@Charles Q 

ServiceNow has everything in terms of user session.

So this is how OAuth works in ServiceNow when you consume ServiceNow's endpoint to get OAuth token

1) to get the 1st Access token + Refresh token you need to send username and password along with other details

2) now when the Access token expires you can regenerate it using the refresh token no need to send username and password

3) now if the refresh token also expires then fresh call using again username and password

Regards
Ankur

Regards,
Ankur
Certified Technical Architect  ||  10x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls