OAuth authentication is use to authorize across a network of web-enabled applications and APIs (for more information, visit User Authentication with OAuth 2.0). Perspectium Meshlets for ServiceNow support OAuth2 so you can use a token instead of entering a username and password. 


Prerequisites


(warning) First, have a ServiceNow instance with privileges to generate a REST API access token.  


Procedure

To use OAuth2 for Service Gateway with ServiceNow, follow these steps:


Create OAuth API endpoint 

In your ServiceNow instance, create an OAuth API endpoint

(info) NOTE: The Access Token Lifespan field has a default value of 30 minutes (1800 seconds). It is recommended to set a higher value, such as 100 days (8640000 seconds), to increase the number of seconds the token will be valid until a new access token needs to be generate again. 

Generate access token 

After creating an OAuth API endpoint, generate an access token to be used with the ServiceNow meshlet. See the following for accessing token in ServiceNow.

 Refer to the table below to include the following properties in the request body:

KeyDescription
grant_type

Indicates which applications can gain access tokens  

(info) NOTE: Value will always be password

client_idClient ID from ServiceNow
client_secretClient Secret from ServiceNow 
usernameUsername for user accessing the API in ServiceNow 
passwordPassword for user accessing the API in ServiceNow 

Here is an example of the URL-encoded HTTP POST body: 

{
   "grant_type" : "password",
   "client_id" : "4957292f9530101070eee4d228e99b9b",
   "client_secret" : "aZ1j&nnddU",
   "username" - "foo",
   "password" - "foobar2"
}

Edit meshlet configuration file 

In the accesstoken field, put your access token retrieved from Step 2. Then, leave username and password blank.

auth:
	username:
	password: 
	accesstoken: gsijrq3uchris849q23nguyeny4j283srq9y4hntcqyawipfrgeorvi1oloankjrk83q0unreuhjkeewj5287y3qwoaueji128

(info) NOTE: If a username or password is set (in addition to the access token), the username or password will take precedence (i.e. username/password is used to authenticate the Meshlet).