ServiceNow provides an OAuth authorization code grant flow using REST. This allows a user to access a resource by authenticating directly with an OAuth server that trusts the resource, rather than authenticating with a username and password. We utilize this authorization code grant flow process when connecting between a ServiceNow instance and our services. To learn more, click here.
To set up OAuth in ServiceNow, ensure the OAuth Plugin is active, the OAuth activation property is set to true, and then create an OAuth API endpoint for external clients. Input a Name, the Redirect URL, and optionally the Logo URL here.
NOTE:
By default, ServiceNow issues refresh tokens with 8,640,000 seconds or 100 day lifespans. This means after 100 days the client is required to reauthorize the OAuth connection. We recommend increasing this lifespan to a larger value to reduce manual reauthorization. The max value is 2,147,483,647 seconds (~68 years).
Additionally, the Redirect URL should have the following value:
https://[OBRegion]/auth/servicenow/callback
(For example: https://useast2.owndata.com/auth/servicenow/callback)
Configure a service with OAuth:
Click Allow.
ServiceNow sends Own an authorization code and refresh token. Own uses that to validate and authorize a connection.