Retrieving OAuth Bearer token on the client side for REST message (MID-server)

mr_arnesen
Tera Contributor

Please Bear(er token) with me...

Our organization wants to use bearer tokens for some internal REST APIs not only for authorization, but also for auditing purposes, to ensure strictly official need of the service.

 

This means that a server-to-server type authentication is useless, and it seems we have to go client side to get the appropriate token.

Using a customized OAuth API script, we have managed to log the token response when using the OIDC entity as an SSO IdP, when users log on to the instance. This JWT contains information about the user, which is what we need.



How can we go about retrieving this token when we want to pass it to our internal REST API (via MID-server)?

We need a secure way of doing this on the client side.

Cheers

2 REPLIES

Mannie2
Tera Contributor

Hi, I know this is old, but did you ever get this to work?

EbbeArne
Tera Contributor

Hi Mannie,
We never could get it to work as intended, so we had to lower the expectations a bit.
A machine to machine token is used, and then we supply the username in the request header and use that for auditing. It's all about trust really. The internal service trusts that ServiceNow has authenticated the user. 

Sorry for not solving!

Cheers
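
The fallback described in the last reply (a machine-to-machine token plus a username header used for auditing) only holds up if the internal API accepts that header solely from the authenticated ServiceNow client. The sketch below is an added example, not code from this thread or from ServiceNow: the header name `X-Acting-User`, the client id `servicenow-mid`, the HS256 demo key and the sample username are all constructed assumptions.

```python
import base64, hashlib, hmac, json

SECRET = b"constructed-demo-key"    # constructed; stands in for the IdP's signing key
TRUSTED_CLIENT = "servicenow-mid"   # hypothetical client_id of the ServiceNow integration
USER_HEADER = "X-Acting-User"       # hypothetical header carrying the end user's name

def b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def make_token(claims):
    """Build an HS256 JWT; used only to construct sample tokens."""
    head = b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64(json.dumps(claims).encode())
    sig = hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64(sig)}"

def verify_token(token, now):
    """Return the claims if algorithm, signature and expiry check out, else None."""
    try:
        head, body, sig = token.split(".")
        if json.loads(unb64(head)).get("alg") != "HS256":
            return None
        want = hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(want, unb64(sig)):
            return None
        claims = json.loads(unb64(body))
        return claims if claims.get("exp", 0) > now else None
    except (ValueError, AttributeError, TypeError):
        return None

def handle(headers, now):
    """Accept the asserted username only when the trusted machine client sent it."""
    auth = headers.get("Authorization", "")
    claims = verify_token(auth[7:], now) if auth.startswith("Bearer ") else None
    if claims is None:
        return 401, None
    user = headers.get(USER_HEADER, "").strip()
    if claims.get("client_id") != TRUSTED_CLIENT or not user:
        return 403, None
    # The audit record keeps both identities apart: who authenticated vs. who was asserted.
    return 200, {"authenticated_client": claims["client_id"],
                 "asserted_user": user, "user_verified_by_api": False}
```

The audit entry records that the username was asserted by the calling system rather than verified by the API, which is the trust relationship the reply describes.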