
BP6.9 Web API + OAuth2 + ServiceNow

ManuToivanen
Level 4

I have made a Web API that requests incidents from ServiceNow. With Basic authentication this works just fine. Now I have to make this work with OAuth2 and I need some (or a lot of) help from you guys.

I'm trying to figure out how to make a Web API that requests an OAuth 2.0 token from ServiceNow using Client Credentials. I have added the Client Credentials and the ServiceNow user credentials to Blue Prism Credentials. How will these two be paired together? With OAuth2, the user requests a token (with Client Credentials) that gives permission to the corresponding ServiceNow user to communicate with ServiceNow, am I right?

I have tried to change the Web API's Basic Authentication to OAuth 2.0 (Client Credentials) authentication using the related credentials. I'm wondering how to use/connect the ServiceNow user credentials to this?

When I changed the authentication to OAuth 2.0 I get an error message:

Internal : Unexpected error Failed to get OAuth2.0 Access Token : "ProtocolError" "{"error_description":"access_denied","error":"server_error"}"

I have managed to do this with cURL, so I'm sure that both the credentials and the URL used are valid. I don't understand how to configure this in Blue Prism.

Are there any examples or guides that could help with this issue?

6 REPLIES

ewilson
Staff

@ManuToivanen so you followed the steps ServiceNow outlines at the below link for enabling OAuth in your instance?

https://docs.servicenow.com/bundle/paris-application-development/page/integrate/inbound-rest/task/t_EnableOAuthWithREST.html

If you have the client ID and client secret you can create a new credential in Blue Prism's Credential Manager of type OAuth 2.0 (Client Credentials) as depicted below.

Once you've created that credential, you have to go back to your ServiceNow WebAPI service definition and then change the Common Authentication configuration from Basic to OAuth 2.0 (Client Credentials). Here's an example:

Make sure to set the Authorization URL to whatever your tenant URL is.

Cheers,

ManuToivanen
Level 4

@ewilson I have followed the steps that you described. I have the client ID and client secret in ServiceNow and in Blue Prism's Credential Manager, and the type is OAuth 2.0 (Client Credentials). I have also made a regular user account that should consume the granted OAuth2 token when it is communicating with ServiceNow. But before this I have to manage to get that token.

When I request a token from the command prompt using cURL, everything works just fine. Client_id, client_secret, username and password are exactly the same as those in Blue Prism's Credential Manager. And that cURL command is using the POST method (attribute -d).

How do I replicate this with Blue Prism? Could you (or someone else) please give me an example of how to configure appropriate Web API Service actions for this purpose?

NickLeGuerrier
Level 4

Hi Manu,

I noticed that in your cURL you are using grant_type = password. This is not the same as grant_type = client_credentials.

If you set your cURL to use client_credentials are you still able to obtain the token?

Regards,

Nick

ewilson
Staff

Ok, I think I've figured out how to make this work in BP, but I don't think the built-in support for OAuth client credentials will work. I'm running some tests to verify. I'll have an answer for you shortly.

@NickLeGuerrier according to ServiceNow's developer documentation you must specify a "grant_type" of either "password" or "refresh_token". This is part of why I don't think the native BP OAuth feature will work. ServiceNow is expecting a bunch of parameters in the body of the request, whereas vanilla OAuth client credentials are just the client ID and secret passed to the authorization URL.

Cheers,

ewilson
Staff

@ManuToivanen it looks like you will not be able to use the built-in OAuth client credential support of Blue Prism if you want to invoke ServiceNow's REST API with OAuth security. The issue, as you've seen, is that ServiceNow expects that you will send through your token request in an HTTP POST with certain parameters specified in the request body. Unfortunately, the BP implementation of OAuth client authentication does not expose the ability to influence/customize the request outside of the basic properties exposed on the configuration screen.

With that said, you can make a direct request to the ServiceNow authentication service to request your access and refresh tokens, but you will have to change the existing ServiceNow WebAPI service definition to account for this new security model. So let's break this down a bit.

1.0 Create a new Web API service definition for OAuth.

The first thing you'll want to do is create a new Web API service definition that exposes two actions - one for requesting the new access token and one for refreshing an existing token. I've attached the one I created, as a .bprelease, if you just want to import it (this was built in BP v6.9). Otherwise, here are some screenshots of the important screens:

2.0 Adjust existing ServiceNow Web API definitions

The above service will give you the ability to request the access and refresh token. Now, you need to adjust the existing ServiceNow Web API service definitions so that they can use the new token you receive. There are a couple of ways to do this. I think the easiest is probably to create a new credential of type Bearer. Then within your process you call the SN token Web API service, collect the access token and use the onboard Credential VBO to set the Token value of that credential with the new access token you received. Then you change the Common Authentication setting of the existing SN Web API definition to use that new bearer credential.

I've tested this on my machine and it works like a charm. Here's an example of the basic process flow:

Hope this helps you out.

Cheers,
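
The flow described in the answer above (request a token with a form-encoded POST, renew it with the refresh token, present it as a Bearer credential), as an added Python example; it is not part of the original post or the attached .bprelease. The `INSTANCE` host, the `TokenSession` and `fake_post` names and all token values are constructed for illustration, and `post` stands in for whatever performs the HTTPS POST.

```python
import json
import time
import urllib.parse

# Assumption: INSTANCE is a placeholder; /oauth_token.do is ServiceNow's token endpoint.
TOKEN_URL = "https://INSTANCE.service-now.com/oauth_token.do"

def token_request_body(client_id, client_secret, username=None, password=None,
                       refresh_token=None):
    """Form-encode the POST body; secrets go in the body, never the URL."""
    fields = {"client_id": client_id, "client_secret": client_secret}
    if refresh_token:
        fields.update(grant_type="refresh_token", refresh_token=refresh_token)
    elif username and password:
        fields.update(grant_type="password", username=username, password=password)
    else:
        raise ValueError("need a username/password pair or a refresh token")
    return urllib.parse.urlencode(fields).encode()

class TokenSession:
    """Caches the tokens and renews the access token shortly before it expires."""
    def __init__(self, post, client_id, client_secret, username, password, skew=60):
        self._post = post                      # callable(url, body_bytes) -> JSON text
        self._client = (client_id, client_secret)
        self._user = (username, password)
        self._skew = skew                      # renew this many seconds early
        self._access = self._refresh = None
        self._expires_at = 0.0

    def _store(self, raw, now):
        data = json.loads(raw)
        if "access_token" not in data:         # e.g. {"error": ..., "error_description": ...}
            raise PermissionError(data.get("error_description") or data.get("error"))
        self._access = data["access_token"]
        self._refresh = data.get("refresh_token", self._refresh)
        self._expires_at = now + int(data.get("expires_in", 0))

    def bearer_header(self, now=None):
        now = time.time() if now is None else now
        if self._access is None or now >= self._expires_at - self._skew:
            if self._refresh:                  # renew without resending the user password
                body = token_request_body(*self._client, refresh_token=self._refresh)
            else:
                body = token_request_body(*self._client, *self._user)
            self._store(self._post(TOKEN_URL, body), now)
        return {"Authorization": "Bearer " + self._access}

def fake_post(url, body):
    """Constructed stand-in for the HTTPS POST; token values are made up."""
    grant = urllib.parse.parse_qs(body.decode())["grant_type"][0]
    return json.dumps({"access_token": "access-via-" + grant,
                       "refresh_token": "refresh-1", "expires_in": 1800})
```

An error body such as the one quoted in the question surfaces as a `PermissionError` carrying the `error_description`, so the calling process can stop instead of sending a request with a missing token.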

ManuToivanen
Level 4

@ewilson Thank you very much for your help! I was getting a little bit frustrated trying to find out the solution through built-in OAuth client credential support of Blue Prism 🙂 I'm pretty sure that I can live with this solution.

Cheers!