Built something you're proud of? Tell the story. A quick G2 review of App Engine or Build Agent helps other developers see what's possible on ServiceNow. Share your experience.

User Not Authenticated. Could not retrieve a new access token with the refresh token. invalid_reques

naveenreddy0871
Tera Contributor

Monday

Hi ,

I have configured my rest message with Type = OAuth Provider (Oauth2.0) and Grant Type = Authorization Code.and trying to test the API but getting the error as "User Not Authenticated. Could not retrieve a new access token with the refresh token. invalid_request, Missing parameters: access_token" .

I have refresh token and it is not expired, (OAuth Refresh token is available and will expire at 2026-07-07 05:56:13.)

HTTP error code is 0.
Thanks in advance.

0 Helpfuls
  • 241 Views
2 REPLIES 2

Tanushree Maiti
Kilo Patron

Monday

Hi @naveenreddy0871 

 

It seems ServiceNow OAuth flow has broken during the token exchange step. While authentication may have succeeded, the system failed to receive a valid access token in the expected format.

 

  1. Ensure the access token is sent correctly in API calls
    • When calling the ServiceNow API (or any protected API) from the bot/Teams app, the access token must be included in the Authorization header:
      • Authorization: Bearer <access_token>
    • If the endpoint expects the token as a parameter and not a header, ensure the parameter name and placement match the ServiceNow OAuth/API specification.
    • The error message explicitly says Missing parameters: access_token, which means the endpoint did not receive the token in the expected place.

Refer: OAuth flow failed. Verify the configurations and try again. Error detail:invalid_request, Missing pa... 

 

Please mark this response as Helpful & Accept it as solution if it assisted you with your question.
Regards
Tanushree Maiti
ServiceNow Technical Architect
Linkedin:
0 Helpfuls

Deepak Shaerma
Mega Sage

Monday

hi @naveenreddy0871 

Please check your record on Application Registry , look for the default grant type or send credentials dropdown.If it is set to as Basic Authorization Header, change it to in body (or vice versa)

 

Happy to help! ‌‌
To help others in the community find this solution, kindly mark this response as the Correct Answer ‌‌ and Helpful‌‌.
Warm Regards,
Deepak Sharma
Community Rising Star 2025

0 Helpfuls