Configure an Amazon Signature based Custom Algorithm

  • リリースバージョン: Australia
  • 更新日 2026年03月12日
  • 所要時間:4分

    • Generate the Amazon Signature based data needed to authenticate to a web service by running script.

    始める前に

    • JavaScript knowledge
    • REST knowledge
    • Target web service API knowledge
    • Connection, credential, and alias knowledge
    • Role required: Developer

    このタスクについて

    Use a connection and credential alias and Amazon Signature Version 4 based algorithm for authentication.

    手順

    1. Navigate to All > Credentials & Connections > Authentication Algorithms, and click New.
    2. On the form, fill in the fields.
      The database selection in the Format field determines which fields are available.
      表 : 1. Authentication form
      Field Description
      Name Unique name of this algorithm.
      Algorithm Outbound request type. Select Amazon Signature Version 4.
      Description Description of what your algorithm does.
      Application Scope that your application runs in.
      Instance Authentication Script Script that you select from the Script Includes table. In case of Amazon Signature Version 4 algorithm, choose RequestAuthAWSV4Signer. The scripts available are as follows:
      • RequestAuthAWSV4Signer
      • RequestAuthInternal
      • RequestAuthSampleCustomSigner
      • RequestAuthTwitterSigner
      注:
      To know more about the script click the information icon next to the field. The details of the script such as Name, API Name, Application, Accessible from, Script, and so on is displayed.
      MID Authentication Script Script that you select from the MID Server Script Includes [Discovery view] table. The scripts available are as follows:
      • RequestAuthAWSV4Signer
      • RequestAuthInternal
      • RequestAuthSampleCustomSigner
      • RequestAuthTwitterSigner
      Auth Algorithm
    3. Click Update.
    4. Navigate to All > Connections & Credentials > Credentials.
    5. Click New.
    6. Create AWS Credentials with Authentication Algorithm.
      In this case AWS Auth alg.
    7. Specify the following:
      • Name
      • Active
      • Access Key ID
      • Secret Access Key
      • Credential alias
      • Authentication Algorithm
      AWS Credentials
    8. Click Update.

    タスクの結果

    Based on the selected scripts and authentication algorithm, the configured credentials (Access Key ID and Secret Access Key) or user's credentials (Access Key ID, Secret Access Key, and Session Token) generates a Amazon V4 signature that is sent as outbound request from ServiceNow to the provider (in this case AWS).

    REST step with AWS

    注:
    Amazon V4 signature based authentication can also be used from Script background.

    Action: Get AWS Regions

    Input REST step with AWS as follows:
    • Credentials Alias: The alias that is created for AWS.
    • Base URL: Base URL details from AWS.
    • HTTPS Method: In this case it is GET method.
    • Query Parameters: Action as DescribeRegions.
    GET AWS Region

    You can test the action, the associated regions are displayed. The response body is as follows:


    Code Snippet sample

    Amazon V4 is defined with standard set of algorithm that supports authentication mechanism. This algorithm when used adds the signature as authorization header for authentication (HTTP request) using REST step.