Modern authentication

Below, given are the steps to be followed to configure your ServiceNow instance for Modern Authentication:

  1. Get the 1E Core application

  2. Prerequisite

  3. Configure Microsoft Entra ID/Okta and 1E

  4. Preparing the certificates for ServiceNow

  5. ServiceNow OAuth steps

    • Upload PEM and JKS certificates

    • Configure a JWT signing key

    • Create a JWT provider

Flow of access token in Modern Authentication

ServiceNow supports client assertion grant flow. This requires presenting the JWT (JSON Web Token) to the authentication endpoint, retrieve back the token, and provide this token along with outgoing API calls. This token has a limited lifespan and requires renewal. The below diagram guides you about how to access the token flows when modern authentication is enabled in 1E Core.

  1. The 1E ServiceNow application initiates a request to retrieve the access token from 1E Core.

  2. If the token is either invalid or absent, then a new request is sent to the 1E Platform to issue a new token. Otherwise, an API call including the access token is made to the 1E database.

  3. The new access token is provided by the 1E Platform to 1E Core, after the 1E Platform has validated the request by sending it to the IdP (Microsoft Entra ID or Okta).

  4. This token is now passed onto the requested 1E ServiceNow application.

  5. The token is stored in the application for future API calls.

  6. The application raises a request along with the token to 1E Core.

  7. 1E Core makes an API call to the 1E database along with this token.

  8. 1E provides access to the protected resource in 1E Core.

  9. 1E Core processes the response received from 1E and passes onto the application.

  10. The response is stored in the 1E ServiceNow application tables.