…thoughts on ServiceNow and digital transformation

Post

Generating a JWT in ServiceNow


The steps below are for generating a JWT from a ServiceNow instance. You need a computer on which you have admin rights in order to generate the JKS file. The steps below describe doing this on a Windows computer.

The below steps on done on a local computer

  1. Download OpenSSL for Windows https://slproweb.com/products/Win32OpenSSL.html
  2. Download Java SDK https://www.oracle.com/java/technologies/downloads/#java21
  3. Open up a command shell as Administrator
  4. Generate the X.509 keypair https://docs.servicenow.com/bundle/tokyo-application-development/page/administer/integrationhub-store-spokes/task/configure-jwt-authentication.html
  5. Generate a Java KeyStore file https://docs.servicenow.com/bundle/tokyo-application-development/page/administer/integrationhub-store-spokes/task/generate-a-java-keystore-file.html

The below steps are done in ServiceNow

  1. Upload the Java KeyStore certificate to ServiceNow instance https://docs.servicenow.com/bundle/tokyo-application-development/page/administer/integrationhub-store-spokes/task/upload-java-keystore-certificate-to-servicenow-instance.html
  2. Setup JWT Key and Provider (Step 5 of this blog post) https://developer.servicenow.com/blog.do?p=/post/jwt-github/
  3. Generate the token using a script (Step 6 of this blog post) https://developer.servicenow.com/blog.do?p=/post/jwt-github/

//from https://developer.servicenow.com/blog.do?p=/post/jwt-github/ with some slight modifications
var jwtAPI = new sn_auth.GlideJWTAPI();
var headerJSON = { typ: "JWT", alg: "RSA256"};
var header = JSON.stringify(headerJSON);
var gdt = new GlideDateTime();
gdt.addSeconds(6000);
//iss in line below needs to be changed if app id changes
var payloadJSON = { "iat": gs.now(), "iss": 'test', "exp": gdt };
var payload = JSON.stringify(payloadJSON);

//put the sys_id of the JWT provider below
var jwtProviderSysId = "REPLACEWITHSYS_IDOFPROVIDER";
var jwt = jwtAPI.generateJWT(jwtProviderSysId, header, payload);

gs.info("JWT:" + jwt);