ServiceNow OAuth

    ServiceNow provides an OAuth authorization code grant flow using REST. This allows a user to access a resource by authenticating directly with an OAuth server that trusts the resource, rather than authenticating with a username and password. We utilize this authorization code grant flow process when connecting between a ServiceNow instance and our services. To learn more, click here

    To set up OAuth in ServiceNow, ensure the OAuth Plugin is active, the OAuth activation property is set to true, and then create an OAuth API endpoint for external clients. Input a Name, the Redirect URL, and optionally the Logo URL here.

    NOTE: 

    • Do not select “Public Client” in the Application Registry. This causes the OAuth connection to error out.
    • ​Ensure Own’s IPs are whitelisted. Review the following ​article​​ for more information.

    By default, ServiceNow issues refresh tokens with 8,640,000 seconds or 100 day lifespans. This means after 100 days the client is required to reauthorize the OAuth connection. We recommend increasing this lifespan to a larger value to reduce manual reauthorization. The max value is 2,147,483,647 seconds (~68 years).

    Additionally, the Redirect URL should have the following value:

    https://[OBRegion]/auth/servicenow/callback
    

    (For example: https://useast2.owndata.com/auth/servicenow/callback)

    Configure a service with OAuth:

    1. In Own, click New Service. 
    2. Select the ServiceNow service tile.
    3. On the “Authentication Method” drop-down, select OAuth 2.0 from the listed options. 
    4. Configure OAuth in ServiceNow as described above.
    5. Copy and paste the “Client ID” and “Client Secret” from ServiceNow into the relevant fields.
    6. Click Add Service.
      1. The user is prompted to login to ServiceNow (if not already logged in).
      2. After, the user has to allow Own to access the instance using OAuth.
      3. The user can add a company logo by including an image in the “Logo URL” field of the OAuth application registry.
    7. Click Allow.

      ServiceNow sends Own an authorization code and refresh token. Own uses that to validate and authorize a connection.

    « Previous ArticleNext Article »