Postman to servicenow using OAuth 2.0

21121A3359 · 3 hours ago

Even I given Correct Client Id, and Client SecretI'm getting this
What Should i need to do

Vikram Reddy · 3 hours ago

The error in your screenshot means the actual REST call is reaching ServiceNow without valid authentication.

Client ID and Client Secret alone are not enough to call the ServiceNow Table API. They are used first to get an OAuth access token. After that, the API request must include the access token in the Authorization header as a Bearer token.

Correct flow:

1. First call the token endpoint:

POST https://<instance>.service-now.com/oauth_token.do

Body type in Postman:
x-www-form-urlencoded

For password grant:

grant_type=password
client_id=<your_client_id>
client_secret=<your_client_secret>
username=<integration_user>
password=<integration_user_password>

If successful, ServiceNow returns an access_token.

2. Then call the ServiceNow API with the token:

GET https://<instance>.service-now.com/api/now/table/incident?sysparm_limit=1

Header:

Authorization: Bearer <access_token>
Accept: application/json

Make sure there is a space between Bearer and the token.

Example:

Authorization: Bearer eyJ0eXAiOi...

Do not call the Table API by only passing Client ID and Client Secret. That will return:

User is not authenticated
Required to provide Auth information

Also check these items:

- OAuth plugin is active.
- System property com.snc.platform.security.oauth.is.active is true.
- The OAuth Application Registry record is active.
- The grant type you are using in Postman matches the grant type configured in ServiceNow.
- If using password grant, the integration user must be active, not locked out, must have a valid local password, and must have the required table/API roles.
- If SSO is enabled, do not use an SSO-only user for password grant. Use a local integration user/service account.
- The integration user should have snc_platform_rest_api_access and the required table roles/ACL access.
- Use HTTPS, not HTTP.
- In Postman, after generating the token, click Use Token, or manually add the Authorization: Bearer <token> header.
- Remove any old Basic Auth header if you are testing OAuth, because Postman may send the wrong auth header if multiple auth methods are configured.

If you are using client_credentials grant instead of password grant, then configure it as a machine-to-machine integration / OAuth Client Credentials Grant and make sure the OAuth application or machine identity has the proper API access scope / REST API access policy. A token can be generated successfully but still fail on the API call if the token is not authorized for that API.

Client ID + Client Secret - used to get access_token.
access_token - used to call the ServiceNow API.

The error shown means the second step is missing or the Bearer token is not being sent correctly.

Thank you,

Vikram Karety

ServiceNow Architect

Octigo Solutions INC

21121A3359 · 3 hours ago

It getting using Basic Auth and When i use OAuth 2.0 i generated successfully Token but when i send request like post or get i'm getting as 401 error not authorized . could you please give approach for it . Any steps?

Nishant8 · 3 hours ago

Hello , You get 401 when you make a call with wrong entries. basically you need to make two calls to get the record:

- First use POST method to get the Bearer token (refer below screen shot and use your env values)

- another Get call to get record from ServiceNow using fetched Bearer token (use the token you received in first call)

Regards,

Nishant

21121A3359 · 2 hours ago

I am getting access denied what to do