Authentication with the native mobile app

The native mobile app uses OAuth for authentication and stores the OAuth token, which enables the app to re-establish connections without storing any credentials on the mobile device.

OAuth login flows do not pass through installation exits and do not show up on any system logs.
Note: When you sign in to the native app on your mobile device, the app does not store your SSO password.

To configure the lifespan of the token, navigate to System OAuth > Application Registry, select the ServiceNow Mobile App, and change the token lifespan values.

iOS Keychain stores the OAuth token. The app stores only the OAuth token. The keychain encryption is AES 128 in Galois/Counter Mode (GCM). For more information, see the iOS security guide.