Custom Credentials
OAuth requires the authenticating user to interact with ServiceNow using the browser. The driver facilitates this in various ways as described below.
Authenticate to ServiceNow from a Desktop Application or Web Application
OAuthPassword
After setting the following connection properties, you are ready to connect:
- AuthScheme: Set this to OAuthPassword.
- InitiateOAuth: Set this to GETANDREFRESH for a Desktop Application and REFRESH for a Web Application. You can use InitiateOAuth to avoid repeating the OAuth exchange and manually setting the OAuthAccessToken connection property.
- OAuthClientId: Set this to the Client Id in your app settings.
- OAuthClientSecret: Set this to the Client Secret in your app settings.
- User: Set this to your username.
- Password: Set this to your password.
- Url: Set this to the base URL of your ServiceNow instance site. For example: https://MyInstance12345.service-now.com/.
- Extracts the access token from the response and authenticates requests.
- Refreshes the access token when it expires.
- Saves OAuth values in OAuthSettingsLocation to be persisted across connections.
OAuth CODE grant
To obtain the access token and refresh token, when connecting via a web application, or if the driver is not authorized to open a browser window, you need to exchange temporary verification values for the access token. In another machine do the following:
- OAuthGrantType: Set this to CODE.
- OAuthClientId: Set this to the Client Id in your app settings.
- OAuthClientSecret: Set this to the Client Secret in your app settings.
- Url: Set this to the base URL of your ServiceNow instance site. For example: https://MyInstance12345.service-now.com/.
- Call GetOAuthAuthorizationURL, for example, EXEC GetOAuthAuthorizationURL CallbackURL = 'http://localhost:33333'. The CallbackURL must match the Redirect URI you have set in your Custom OAuth App. The stored procedure returns the URL to the OAuth endpoint.
- Log in and authorize the application. You are redirected back to the callback URL. The callback URL contains the verifier code in the query string parameter named "code". Extract the verifier code and call GetOAuthAccessToken, for example, EXEC GetOAuthAccessToken CallbackURL = 'http://localhost:33333', Authmode = 'WEB', Verifier = 'KG1tAuc13DlyLUk7VcqvfkrICtLEMnWgcNMAv20kj4Qum_X47kx1MGUjaF8qFBTR36vSgZlc1_kjLAYq1D9ixg'.
To connect to data, set the following connection properties:
- OAuthGrantType: Set this to CODE.
- OAuthClientId: Set this to the Client Id in your app settings.
- OAuthClientSecret: Set this to the Client Secret in your app settings.
- Url: Set this to the base URL of your ServiceNow instance site. For example: https://MyInstance12345.service-now.com/.
- OAuthAccessToken: Set this to the value that you got from calling GetOAuthAccessToken.
To make the driver automatically refresh the access token when it expires, set InitiateOAuth to REFRESH and set OAuthRefreshToken. Alternatively, set InitiateOAuth to OFF and call the RefreshOAuthAccessToken stored procedure when the access token expires. Given a refresh token as input, the procedure returns a valid OAuth access token.