Automatically get a new OAuth Access Token When The Old One Expires (Unsupported Custom Scheduled Job)SummaryPlease note that the script mentioned below is using "refresh_token" grant type which is basically to get new access token.You can have a Scheduled Script Execution with the below script automatically retrieve new access tokens that are about to expire (as long as the refresh token has not yet expired) . This example is for Outbound Rest messages configured with Oauth. Please note this is just a sample script for reference, and counts as an unsupported customisation. Any further customization should be made referring to ServiceNow documentation for OAuth client libraries. Important note: Please note that the ServiceNow platform can fetch a new access token if the previous access token has expired and only if a valid refresh token is present in the oauth_credential table. Customers are not required to write this scheduled job to fetch the new access token. And, If the token provider can send a new refresh token during the access token retrieval, the platform has the capability to update the newly received refresh token in the oauth_credential table.Instructionsfunction refreshAccessToken(requestorId, oauthProfileId, token) { if ( !(token && requestorId && oauthProfileId)) return; var tokenRequest = new sn_auth.GlideOAuthClientRequest(); tokenRequest.setGrantType("refresh_token"); tokenRequest.setRefreshToken(token.getRefreshToken()); tokenRequest.setParameter('oauth_requestor_context','sys_rest_message'); tokenRequest.setParameter('oauth_requestor', requestorId); tokenRequest.setParameter('oauth_provider_profile',oauthProfileId); var oAuthClient = new sn_auth.GlideOAuthClient(); var tokenResponse = oAuthClient.requestTokenByRequest(null,tokenRequest); var error = tokenResponse.getErrorMessage(); if (error) gs.warn("Error:" + tokenResponse.getErrorMessage()); } function isExpired(expiresIn, withinSeconds) { if (expiresIn > withinSeconds) return false; return true; } function getToken(requestorId, oauthProfileId) { if (!requestorId || !oauthProfileId) return null; var client = new sn_auth.GlideOAuthClient(); return client.getToken(requestorId, oauthProfileId); } function checkAndRefreshAccessToken(grRestMessage) { if (grRestMessage.getValue("authentication_type") != "oauth2" ) return false; var accountMsg = grRestMessage.getValue("name"); if (!accountMsg) accountMsg = grRestMessage.getUniqueValue(); accountMsg = "Account=\"" + accountMsg + "\""; var token = getToken(grRestMessage.getUniqueValue(), grRestMessage.getValue('oauth2_profile')); var accessToken = token.getAccessToken(); if (accessToken) { if (!isExpired(token.getExpiresIn(), 300)) return; } if (!token.getRefreshToken()) { gs.error("No OAuth refresh token for Rest Message. Manual reauthorization required. " + accountMsg); return; } if (isExpired(token.getRefreshTokenExpiresIn(), 0)) { gs.error("OAuth refresh token for Rest Message is expired. Manual reauthorization required. " + accountMsg); return; } gs.info("Refreshing oauth access token for Rest Message account. " + accountMsg); refreshAccessToken(grRestMessage.getUniqueValue(), grRestMessage.getValue('oauth2_profile'), token);} var grAccount = new GlideRecord("sys_rest_message");grAccount.addQuery("authentication_type", "oauth2");grAccount.addNotNullQuery("oauth2_profile");grAccount.query(); while (grAccount.next()) { checkAndRefreshAccessToken(grAccount);}