How to pass oauth2.o access token to Rest message

Gudipati Hemala
Tera Contributor

Hi All,

My requirement is to use access token to connect with other servicenow instance(third party application) and I have implemented the following.

1. Configured Auth2.0 Provider with grant type 'Resource owner password credentials'  

2. Created Rest message  with Authentication type : OAuth2.0 and OAuth Profile :<created in step 1>

 3. Create HTTP method with Authentication type :'Inherited from parent' and POST method

4. Create Business rule on incident table with some conditions to call Rest API (created in step 2 and 3) and I'm not passing authorization details from Business rule.

This is working fine when I (I have admin role) will create an incident and the ECC payload contains Authorization value as "Bearer <Access token>"

find_real_file.png

If non-admin creates incident with triggered conditions, access token value is passing as null value. please refer  ECC payload snap

find_real_file.png

Question1 : Could you someone tell me why this not working for others? when I tested this in DEV instance it it working fine for everyone and its not working in QA/test instance.

Question 2: Is it require to pass access token value from Business rule ? If Yes, could you help me with reference script if you have and would that script automatically generates the new access token after expires?

 

Thanks in Advance!

 

 

 

1 ACCEPTED SOLUTION

Ankur Bawiskar
Tera Patron
Tera Patron

Hi,

Is it working fine in DEV with non-admins?

The ACL on the oauth_credential table might be causing this issue. Try adding a read ACL on the table and provide the role who needs this access to call and you should be able to test it.

Regards
Ankur

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

View solution in original post

7 REPLIES 7

Ankur Bawiskar
Tera Patron
Tera Patron

Hi,

Is it working fine in DEV with non-admins?

The ACL on the oauth_credential table might be causing this issue. Try adding a read ACL on the table and provide the role who needs this access to call and you should be able to test it.

Regards
Ankur

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

Hi Ankur,

Thanks for the response, yes its working in Dev and I will check the ACLs as per your suggestion.

Also I would like to understand that typically, how does Oauth provider works in outbound ? is it required to pass access token value from BR ? or  will it automatically pass the access token when we make a call to Rest message from  BR even if we don't define Authorization parameter in BR? 

Hi,

it will automatically take as you have attached the OAuth profile to your REST Message.

Regards
Ankur

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

Thank you so much for your great help, I have compared DEV and QA ACL's on oauth_credential, I have identified read acl is missing in TEST, Now I have create new read ACL in TEST and its working for all users.

Thanks!