How to set up OIDC provider on ServiceNow instance

Summary

This article explains how to:
- set up an OIDC provider (Okta) on a ServiceNow instance
- generate an identity token using a 3rd party client like Postman
- make a call with identity tokens generated by a third-party OIDC provider for inbound API calls to ServiceNow

Please note that any information regarding a 3rd party OIDC provider should be obtained from the 3rd party vendor.

Instructions

OIDC stands for OpenID Connect (http://openid.net/connect/). It is an authentication layer on top of OAuth 2.0. It allows clients, like ServiceNow, to verify the identity of the end user by sending the JWT token containing the end user information to the OIDC provider.

1) Create a free Okta developer account: https://developer.okta.com/signup/

2) Create a new application -> type -> Web with the below settings.

3) a) Login redirect URIs is: https://getpostman.com/oauth2/callback
   b) Create a user (with an email address) and associate this user with the application.

4) On the ServiceNow instance, go to System OAuth -> Application Registry. At the prompt "What kind of OAuth application?", select 'Configure an OIDC provider to verify ID tokens.'

5) a) Provide a Name.
   b) Enter the Client ID and Client Secret from the Okta application created in step 2.
   c) OAuth OIDC Provider Configuration -> click on the magnifying glass -> New OIDC Provider -> provide a name.
      OIDC Metadata URL -> https://<okta_developer_instance>/.well-known/openid-configuration
      <okta_developer_instance> is the developer account name created in step 1, for example: https://dev-735661.okta.com/.well-known/openid-configuration
      User Claim: email
      User Field: Email

6) Create a user in the sys_user table with an email matching the user created in step 3 (b). Also, make sure this user has the roles required to access or write to the tables you plan to query or update.

7) To generate the ID token: from the Postman REST client, click on OAuth 2.0 -> Authorization -> Get New Access Token. Fill in the details to match the configuration done above.

8) Once you click on "Request Token", you will be prompted with an authorization screen for the OIDC provider endpoint. Provide the details of the user created in step 3 (b).

9) The endpoint will respond with an Access Token and an id_token. Copy the id_token and validate it by going to https://jwt.io/, clicking the Debugger menu, and pasting the id_token into the Encoded field. The Decoded PAYLOAD: DATA section should show the expected decoded information.

10) Make a call to the ServiceNow REST endpoint with the header 'Authorization' and the value 'Bearer <id_token>'.
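The inspection in step 9 can also be done on your own machine. The following is an added example, not part of the original article or of ServiceNow or Okta code: it decodes an id_token locally and compares its claims with the registry entry from step 5 (issuer, Client ID as audience, expiry, and the email User Claim). The function names, the Client ID and the email address are constructed for illustration, the issuer reuses the example Okta domain from step 5, and the signature is not verified here.

```python
import base64
import json
import time


def b64url_decode(segment: str) -> bytes:
    """Decode a base64url JWT segment, restoring the stripped '=' padding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_id_token(token: str):
    """Return (header, claims) of a compact JWT. Does NOT verify the signature."""
    parts = token.strip().split(".")
    if len(parts) != 3:
        raise ValueError("an id_token is a signed JWT with exactly three segments")
    header = json.loads(b64url_decode(parts[0]))
    claims = json.loads(b64url_decode(parts[1]))
    return header, claims


def check_claims(claims, issuer, client_id, user_claim="email", now=None):
    """List reasons the token would not match the OIDC provider record."""
    now = time.time() if now is None else now
    problems = []
    if claims.get("iss") != issuer:
        problems.append(f"iss {claims.get('iss')!r} is not {issuer!r}")
    aud = claims.get("aud")  # aud may be a single string or a list of strings
    if client_id not in (aud if isinstance(aud, list) else [aud]):
        problems.append(f"aud {aud!r} does not contain the Client ID")
    if not isinstance(claims.get("exp"), (int, float)) or claims["exp"] <= now:
        problems.append("token is expired or has no exp claim")
    if not claims.get(user_claim):
        problems.append(f"User Claim {user_claim!r} is missing or empty")
    return problems


def make_sample_token(claims):
    """Build a constructed token for the demo; the signature segment is fake."""
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256", "kid": "constructed"}), enc(claims), "c2ln"])


# Constructed sample values; the issuer reuses the example Okta domain from step 5.
ISSUER, CLIENT_ID = "https://dev-735661.okta.com", "0oaEXAMPLECLIENTID"
SAMPLE = make_sample_token({"iss": ISSUER, "aud": CLIENT_ID, "exp": 2000000000,
                            "email": "abel.tuter@example.com"})

if __name__ == "__main__":
    header, claims = decode_id_token(SAMPLE)
    print(header["alg"], claims["email"], check_claims(claims, ISSUER, CLIENT_ID, now=1700000000))
```

To check a real token, pass the id_token copied from Postman to decode_id_token() and call check_claims() with the issuer and Client ID from your own configuration. An empty list means the claims line up with the User Claim and sys_user email mapping from steps 5 and 6.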