Third party token workflow for user accounts
This workflow can be used to integrate third-party identity providers (IdPs) with ServiceNow for secure API access. It allows client applications to obtain tokens directly from an IdP and use them to access ServiceNow APIs.
Before you begin
Role required: oauth_admin, mi_admin, admin
About this task
The third-party client application requests tokens directly from your identity provider (IdP). The authentication method between the client and the IdP is flexible and can be configured to meet your specific requirements.
After successful authentication, the IdP issues an ID token. The token is sent directly to the client application, which then uses it to access ServiceNow APIs.
Note:
ServiceNow validates the token using the public key configured during setup and grants access to the requested APIs. Verify that the token is in JSON Web Token (JWT) format.
Note:
This diagram is for illustrative purpose. It shows the Authorization code grant flow between your client application and the identity provider. The workflow is flexible. You can use a different flow based on your
requirements.