Web Service Authentication fails for calls from Servicenow to WorkdayIssue Workday integration with Servicenow uses SOAP calls. The authentication fails when the Web service calls use X509 certificate in the API headers as part of ws security. It works fine when used with basic username/password.ReleaseAll versionsCauseIf the web service call is configured to use X509 certificates to authenticate as part of WS security, below request headers and corresponding response is observed in logs : Request : <wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="X509-6307b017-c73a-48fd-b290-6f01d95f5c20">XXXXXXXXXXX</wsse:BinarySecurityToken> Response: <?xml version="1.0" encoding="utf-8"?><SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"><SOAP-ENV:Body><SOAP-ENV:Fault xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wd="urn:com.workday/bsvc"><faultcode>SOAP-ENV:Client.authenticationError</faultcode><faultstring>invalid username or password</faultstring></SOAP-ENV:Fault></SOAP-ENV:Body></SOAP-ENV:Envelope> The SOAP call test from SOAP UI also results with authentication failure with same error. Reason for the failure : Servicenow does not support adding X509Data with X509SubjectName and X509Certificate under KeyInfo, in the request headers as part of API authentication. Only supported Key Identifier Type with Service now is : "Binary Security Token Direct Reference", apart from basic username/password. ResolutionEven though, Servicenow supports "Binary Security Token Direct Reference", workday does not support the same. The only workaround at the moment is to use basic username/password in SOAP calls for API authentication.