Set up OAuth To set up OAuth, register applications to OAuth, enable the OAuth system property, and generate token requests. Before you beginRole required: admin Procedure Make sure the OAuth plugin is active and the OAuth activation property is set to true. Create an OAuth application registry using one of the following methods: Create an endpoint for external clients that want to access your instance. This creates an OAuth client application record and generates a client ID and client secret that the client needs to access the restricted resources on the instance. Connect to another OAuth provider that provides the authorization for access to your instance.Configure OAuth profiles and OAuth scopes when you are connecting to another OAuth provider. Configure your client applications to create an HTTP POST that requests an OAuth token. The application must also be able to parse the JSON response to use the returned access token and refresh token. Activate OAuthBy default, the OAuth plugin is active on new and upgraded instances. If the plugin is not active on your instance, you can activate the plugin.Create an endpoint for clients to access the instanceCreate an OAuth application endpoint for external client applications to access the ServiceNow instance.OAuth authorization code grant flowAuthorization code grant flow allows a user to access a resource by authenticating directly with an OAuth server that trusts the resource, in contrast with authenticating with username/password credentials. Manage OAuth tokensYou can open OAuth tokens that provide access to restricted resources on the ServiceNowinstance. OAuth parameters for default profile supportThe default profile feature requires a set of parameters that you can use with the setParameter() API to specify the OAuth requestor, a context for the request, and the provider profile. OAuth API request parametersAccess token requests use the following request parameters.OAuth API response parametersThe OAuth 2.0 API produces a JSON response containing the following parameters as name:value pairs.Revoke an OAuth tokenYou might want to revoke an OAuth access or refresh token for security reasons. OAuth client APIsThe OAuth client API provides methods to request and revoke OAuth tokens.