How to pass oauth2.o access token to Rest message

Gudipati Hemala · ‎03-15-2021

Hi All,

My requirement is to use access token to connect with other servicenow instance(third party application) and I have implemented the following.

1. Configured Auth2.0 Provider with grant type 'Resource owner password credentials'

2. Created Rest message with Authentication type : OAuth2.0 and OAuth Profile :<created in step 1>

3. Create HTTP method with Authentication type :'Inherited from parent' and POST method

4. Create Business rule on incident table with some conditions to call Rest API (created in step 2 and 3) and I'm not passing authorization details from Business rule.

This is working fine when I (I have admin role) will create an incident and the ECC payload contains Authorization value as "Bearer <Access token>"

If non-admin creates incident with triggered conditions, access token value is passing as null value. please refer ECC payload snap

Question1 : Could you someone tell me why this not working for others? when I tested this in DEV instance it it working fine for everyone and its not working in QA/test instance.

Question 2: Is it require to pass access token value from Business rule ? If Yes, could you help me with reference script if you have and would that script automatically generates the new access token after expires?

Thanks in Advance!

Ankur Bawiskar · ‎03-15-2021

Hi,

Is it working fine in DEV with non-admins?

The ACL on the oauth_credential table might be causing this issue. Try adding a read ACL on the table and provide the role who needs this access to call and you should be able to test it.

Regards
Ankur

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader

View solution in original post

Ankur Bawiskar · ‎03-15-2021

Hi,

Is it working fine in DEV with non-admins?

The ACL on the oauth_credential table might be causing this issue. Try adding a read ACL on the table and provide the role who needs this access to call and you should be able to test it.

Regards
Ankur

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader

Gudipati Hemala · ‎03-15-2021

Hi Ankur,

Thanks for the response, yes its working in Dev and I will check the ACLs as per your suggestion.

Also I would like to understand that typically, how does Oauth provider works in outbound ? is it required to pass access token value from BR ? or will it automatically pass the access token when we make a call to Rest message from BR even if we don't define Authorization parameter in BR?

Ankur Bawiskar · ‎03-15-2021

Hi,

it will automatically take as you have attached the OAuth profile to your REST Message.

Regards
Ankur

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader

Gudipati Hemala · ‎03-15-2021

Thank you so much for your great help, I have compared DEV and QA ACL's on oauth_credential, I have identified read acl is missing in TEST, Now I have create new read ACL in TEST and its working for all users.

Thanks!