OAuth Setup Guide
Configure your ServiceNow instance for secure OAuth2 Client Credentials authentication.
Why OAuth2?
- ServiceNow Washington DC release or later
- admin role on the instance
Enable Client Credentials Grant
Navigate to System Properties and set:
glide.oauth.inbound.client.credential.grant_type.enabled = true
This enables the OAuth2 Client Credentials flow on your instance. Without this property, the token endpoint will reject client_credentials grant requests.
Create an OAuth Application
Navigate to System OAuth > Application Registry and create a new record:
| Field | Value |
|---|---|
| Name | letitflow-sn (or any descriptive name) |
| Grant Type | Client Credentials |
| Client ID | Auto-generated (copy this) |
| Client Secret | Auto-generated (copy this) |
Copy the Client ID and Client Secret — you'll need these to connect.
Set the OAuth Application User
On the same Application Registry record, set the OAuth Application User field. This user defines the security context for all API requests made with this client.
The user needs these roles:
These roles grant read/write access to flow tables (sys_hub_flow, sys_hub_action_instance, etc.) and the processflow API.
Connect from letitflow-sn
CLI:
$ letitflow-sn --instance https://myco.service-now.com \ --client-id your_client_id \ --client-secret your_client_secret \ --sys-id abc123...def456
Web UI: Click the gear icon in the top-right corner, select OAuth2, and enter your instance URL, Client ID, and Client Secret.
Basic Auth (Alternative)
Basic Auth sends your username and password with every request. It's suitable for testing on Personal Developer Instances (PDIs) but not recommended for production.
$ letitflow-sn --instance https://myco.service-now.com \ --user admin --pass secret \ --sys-id abc123...def456