top of page

Integrating with ServiceNow via OAuth: A Step-by-Step Guide

In this digital era, ServiceNow is a widely used platform and integrating organisation's application with a powerful platforms like ServiceNow is a basic need to streamlines service delivery through effective automation and integration.

One common way to achieve integration is using OAuth 2.0. OAuth (Open Authorization) is a secure protocol used extensively for authorizing API requests between applications.

This blog walks you through integrating your application with ServiceNow using OAuth, specifically focusing on the Client Credentials Grant for machine-to-machine communication.

In this case ServiceNow becomes OAuth provider, which means it will provides OAuth details to connect. So,the first step to integrate your application with ServiceNow using OAuth is to register your application within your ServiceNow instance.This allows ServiceNow to recognize your application and authorize data exchange.

Note: The example shown in this blog is tested with POSTMAN application. You can apply the same concept in your application programming from where you want to connect with ServiceNow.

Step 1: Register Your Application in ServiceNow

  • Log into your ServiceNow instance.

  • Navigate to the 'System OAuth' > 'Application Registry'.

  • Click 'New' to create a new application registry.

  • Select 'Create an OAuth API endpoint for external clients'.

  • You will need to fill in some required fields:


​Field Information


Provide a name for your application.

Client ID

This will be auto-generated by ServiceNow, but you can overwrite it if needed.

Client Secret

Similarly, this will be auto-generated but can be overwritten.

Redirect URL

The URL where users will be redirected after authorization.(Optional)

  • Make sure you record the 'Client ID' and 'Client Secret', as you will need them later.

Step 2: Implement OAuth Client Credentials Grant configuration in Your Application

In this step, you'll implement the OAuth 2.0 Client Credentials Grant within your application.

We will show you this in POSTMAN.

  • Make a POST request to ServiceNow's OAuth token endpoint

  • URL: https://<your-instance>

  • Add following information in Body

  • Format of Request Body should be x-www-form-urlencoded






Client ID copied from Oauth details from ServiceNow


Client Secret copied from Oauth details from ServiceNow


https://<Instance Name>


Any user of ServiceNow Instance


Password of same user

Step 3: Use the Access Token to Make Authorized Requests

In this step, you'll make request to ServiceNow with acccess token you recieved in preivous step.We will show you this in POSTMAN.

Create Incident

  • Make a POST request to Incident table API URL (The URL can change as per your business requirement.)

  • URL: https://<your-instance>

  • Add headers




Bearer <Access Token Received in previous request response>

  • Provide data in Body as per the format you want.

  • Wooo Hoooo! You will get a response with created incident in format you have selected in the request.

You can follow the same steps for retrieve incident or for any other action on any table or with any other api. Access Validation is still applied as per access rules defined in your instance for inserting, retrieving and updating records in the instance. So you need to provide right access to the user used in integration.

And that's it! You've successfully set up OAuth 2.0 integration with ServiceNow.

Remember, security is important. Always store your 'Client Secret', 'Access Token', and 'Refresh Token' securely. Be aware of the access token's expiry time—refresh it before it expires to maintain seamless integration with ServiceNow.

This guide should provide a basic understanding of API integration with ServiceNow using OAuth. The exact steps and code may vary depending on your application's specific requirements and constraints. Always refer to ServiceNow's documentation for the most accurate and up-to-date information.

707 views0 comments

Recent Posts

See All


Post: Blog2_Post
bottom of page