Recently I was asked to help get a GitHub bot working with ServiceNow as the backend. What was engaging with the requirements for GitHub bots was the authentication type required. Looking at this handy blog from Thai Angsakulyanont, it was interesting to see that while I have done methods 1,2,3, the bot requires method 4, which was quite the wrench. We have explored JWT here on the blog before from none other than Dave Slusher.
As highlighted in my New Integration/API and Authentication Features Blog Post, Istanbul introduces two new inbound OAuth 2.0 flows: Authorization Code Grant Flow Implicit Grant Flow These flows allow you to build apps that interact with ServiceNow APIs without needing to be directly aware of an end user’s username/password. Some possible use cases include: Building a mobile (iOS or Android) app that interacts with task records in a ServiceNow instance Building a web application that interacts with ServiceNow on behalf of your users This blog post is a quick tutorial to:
The Istanbul release introduces some very exciting features for APIs and Authentication. This post will bring you up to speed on what’s new, and we’ll follow up with more detailed posts about individual features in the coming days/weeks. New Inbound OAuth 2.0 Features Have you ever tried to build an app that integrates with ServiceNow, only to find that you couldn’t issue API calls on behalf of a specific user unless that user had credentials stored locally in the instance?