The Now Platform® Washington DC release is live. Watch now!
What is OAuth:
Different Grant types for OAuth 2.0:
ServiceNow & OAuth 2.0:
Steps for setting up OAuth 2.0 for Inbound REST:
Name | Unique Name that identifies the application |
Client ID | This will be auto-generated by the instance |
Client Secret | This will be auto-generated by the instance |
Refresh Token Lifespan | 8,640,000 seconds (100 days) & can be increased |
Access Token Lifespan | 1800 seconds (30 Minutes) & can be increased |
User ID | rest.user |
Password | rest.user |
Web service access only | true |
Screenshots:
Client Secret is automatically set and can be seen when you toggle the visibility icon (lock icon)
Test OAuth 2.0 using Postman tool to get Access Token:
Key | Value |
grant_type | password |
client_id | dbd9663cd987f3c042381b764d1b153c |
client_secret | LKw*^N-r#7 |
username | rest.user |
password | rest.user |
Screenshots:
Response containing Access Token & Refresh Token
Test OAuth 2.0 using Postman to get Access Token using Refresh token:
Key | Value |
grant_type | refresh_token |
client_id | dbd9663cd987f3c042381b764d1b153c |
client_secret | LKw*^N-r#7 |
refresh_token | <previousRefreshTokenValue> |
Screenshots: Response containing Access Token & Refresh Token
Test OAuth 2.0 Access Token in the actual endpoint:
Screenshots: Response received from API
Benefits of OAuth 2.0 & Best Practices:
Thanks for reading the blog and do provide your inputs/suggestions if any.
Hope you find this article helpful. Don’t forget to Mark it Helpful, Bookmark.
Thanks,
Ankur Bawiskar
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.