Enable OAuth with inbound REST

Using OAuth, you can pass a user ID and password once, and then use a token for subsequent REST requests instead of submitting credentials with each request.

About this task

OAuth can improve system security by reducing the number of times you submit user credentials. You can use OAuth to authenticate REST requests.

This video demonstrates how to authenticate to REST APIs using OAuth.

Procedure

  1. Enable OAuth in the ServiceNow instance that the external client will connect to.

    You may need to activate the OAuth plugin and set the OAuth property if OAuth is not yet enabled on the instance.

  2. Register a client application and create an endpoint.
  3. Record the client_id and client_secret values from the previous step to use when requesting an access token.
  4. To get an access token, use your REST client, such as cURL or Postman, to send a request to the OAuth endpoint (oauth_token.do).

    Format the request as a URL-encoded HTTP POST body and include the required parameters.

  5. Record the access token and refresh token from the response.
  6. Submit the access token with subsequent REST requests.