Cloud Management and AIOps


This is an IBM Automation portal for Cloud Management, Technology Cost Management, Network Automation and AIOps products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).

Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas

  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.

Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Add a new idea Subscribe
Status Planned for future release
Workspace Concert Workflows
Created by Guest
Created on Apr 8, 2026

RELATED IDEAS

For ServiceNow Integration, support client_credentials Grant type

Currently for the version 1.0.69 of the ServiceNow Integration, the OAuth authentication requires a Refresh Token and uses the corresponding Grant Type of “Refresh Token”.
However, acquiring a Refresh Token in ServiceNow requires an “out-of-band” authentication, as described in this post:
https://www.servicenow.com/community/developer-forum/how-to-generate-refresh-token/m-p/1568368

The authentication flow is further documented here:
https://www.servicenow.com/docs/bundle/zurich-platform-security/page/integrate/machine-identity/task/third-party-token-worflow-for-user-accounts.html

Also important to highlight that, when a Refresh Token is expired, API calls using it will return an HTML document instead of a JSON reply.

So the recommended integration for ServiceNow is to use the client_credentials Grant type, following this document from ServiceNow: 
https://www.servicenow.com/docs/bundle/zurich-platform-security/page/integrate/machine-identity/task/third-party-token-workflow-for-service-accounts.html

This relies on the creation of a ServiceNow service account user:
https://www.servicenow.com/docs/bundle/zurich-platform-security/page/integrate/machine-identity/task/configure-a-third-party-id-token.html

This approach requires only the client_id and client_secret, and no refresh_token and changes the grant_type from refresh_token to client_credentials.

To progress with our proof of concept, I have modified the ServiceNow integration code:

  •  authschemas/ServiceNow/ServiceNowOAuth.json
    • Added grant_type as a required field with ["refresh_token", "client_credentials"]
    • Changed refresh_token from required to optional.
  • Javascript/ServiceNow/authenticate.js
    • Changed grant_type to consume the field created in the authschemas
    • Injects Refresh Token if set
       

For reference, I have attached the modified code to this idea. 

We would need the ServiceNow Integration code to officially support the client_credentials before we progress to an official deployment within the client infrastructure. 

ServiceNow_1.0....
ServiceNow_1.0.69-modified.ssi.zip
 ServiceNow_1.0.69-modified.ssi.zip
Open full size
ServiceNow_1.0.69-modified.ssi.zip
Idea priority High

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.