Create an endpoint for clients to access the instance

Create an OAuth application endpoint for external client applications to access the ServiceNow instance.

Before you begin

Role required: admin


  1. Navigate to System OAuth > Application Registry and then click New.
  2. On the interceptor page, click Create an OAuth API endpoint for external clients and then fill in the form.
    Field Description
    Name A unique name that identifies the application that you require OAuth access for.
    Client ID [Read-Only] The auto-generated unique ID of the application. The instance uses the client ID when requesting an access token.
    Client Secret [Required] The shared secret string that both the instance and the client application or website use to authorize communications with one another. The instance uses the client secret when requesting an access token. Leave this field blank to have the instance auto-generate a client secret. To display existing client secrets, click the lock icon.
    Redirect URL The callback URL that the authorization server redirects to. Enter the full URLs of the clients requesting access to the resource, appended by / For example, http://token_consumer:port/ Enter as many URLs as needed for all possible token consumers. The instance matches the URL of the incoming request to one of the redirect URLs. If no match is made, the instance uses the first redirect URL.
    Logo URL The URL that contains an image to use as the application logo. The logo appears on the approval page when the user receives a request to grant a client application access to a restricted resource on the instance.
    Active Select the check box to make the application registry active.
    Refresh Token Lifespan The number of seconds that a refresh token is valid. The instance uses the lifespan value when requesting a refresh token. By default, refresh tokens expire in 100 days (8640000 seconds).
    Access Token Lifespan The number of seconds that an access token is valid. The instance uses the lifespan value when requesting an access token. By default, access tokens expire in 30 minutes (1800 seconds).
    Comments Additional information to associate with the application.
  3. Click Submit. The record is saved in the Application Registries [oauth_entity] table.


The system creates a record in the Application Registries [oauth_entity] table with of type OAuth Client. When the instance actually issues tokens and authorization codes, they are stored in the table. See Manage OAuth tokens for more information.