search

dynamicdan / sn-filesync

2-way sync ServiceNow field values to local files
MIT License
66 stars 37 forks source link

Error: 401 - Unauthorized - Check credentials. #41

Closed vrfox closed 7 years ago

vrfox commented 7 years ago

I have checked 5 times the credentials in the appconfig, and in the servicenow instance i can connect without problem with the instance.

On other instances it works perfectly but not in this one, any ideas?

17:33:49 - info: ERROR in query or response.
17:33:49 - info:  Error: 401 - Unauthorized - Check credentials.
    at validateResponse (/mnt/c/Users/Carlos Boney/Documents/sn-filesync/lib/snc-client.js:98:24)
    at Request.handleResponse (/mnt/c/Users/Carlos Boney/Documents/sn-filesync/lib/snc-client.js:146:27)
    at emitTwo (events.js:87:13)
    at Request.emit (events.js:172:7)
    at Request.mixin._fireSuccess (/mnt/c/Users/Carlos Boney/Documents/sn-filesync/node_modules/@mishguru/restler/lib/restler.js:247:10)
    at /mnt/c/Users/Carlos Boney/Documents/sn-filesync/node_modules/@mishguru/restler/lib/restler.js:179:20
    at IncomingMessage.parsers.auto (/mnt/c/Users/Carlos Boney/Documents/sn-filesync/node_modules/@mishguru/restler/lib/restler.js:416:7)
    at Request.mixin._encode (/mnt/c/Users/Carlos Boney/Documents/sn-filesync/node_modules/@mishguru/restler/lib/restler.js:216:29)
    at /mnt/c/Users/Carlos Boney/Documents/sn-filesync/node_modules/@mishguru/restler/lib/restler.js:175:16
    at Request.mixin._decode (/mnt/c/Users/Carlos Boney/Documents/sn-filesync/node_modules/@mishguru/restler/lib/restler.js:191:7)
vrfox commented 7 years ago

Is there a setting inside the servicenow that prevents this?

dynamicdan commented 7 years ago

What version of ServiceNow are you using (see stats.do)? When I'm not logged in I get 401. When I'm logged in but something else is stopping me I get 403 "User Not Authorized" (from ServiceNow page).

Try browsing directly to the request end point: https://<domain>/sys_script.do?JSONv2&sysparm_record_count=2&sysparm_action=getRecords

This works on at least Helsinki patch 9 (which I just tested). Let me know what happens.

Also, check what this shows: https://<domain>/api/now/table/sys_script

vrfox commented 7 years ago

BTW im trying just to download all the catalog client scripts

Try browsing directly to the request end point: https:///sys_script.do?JSONv2&sysparm_record_count=2&sysparm_action=getRecords

{
    "records": [{
        "sys_replace_on_upgrade": "false",
        "read_access_action": "false",
        "action_insert": "true",
        "action_update": "true",
        "advanced": "true",
        "action_delete": "false",
        "sys_updated_on": "2012-10-03 19:44:11",
        "when": "before",
        "sys_updated_by": "tom.dilatush",
        "sys_created_on": "2012-10-03 19:44:11",
        "action_name": "",
        "sys_domain": "global",
        "sys_name": "Set default base name",
        "sys_created_by": "tom.dilatush",
        "order": "100",
        "__status": "success",
        "onclick": "",
        "active": "true",
        "sys_overrides": "",
        "collection": "cmdb_ci_vmware_template",
        "priority": "100",
        "script": "current.base_name = 'global';",
        "action_run_at": "server",
        "condition": "current.base_name.nil();",
        "sys_update_name": "sys_script_0022d5669730300010cb1bd74b29750c",
        "name": "Set default base name",
        "role_conditions": "",
        "sys_policy": "",
        "client_callable": "false",
        "template": "",
        "access": "package_private",
        "change_fields": "false",
        "description": "",
        "action_query": "false",
        "action_label": "",
        "sys_class_name": "sys_script",
        "sys_id": "0022d5669730300010cb1bd74b29750c",
        "is_rest": "false",
        "rest_method_text": "",
        "rest_service_text": "",
        "sys_scope": "global",
        "rest_method": "",
        "rest_service": "",
        "add_message": "false",
        "sys_mod_count": "0",
        "message": "",
        "sys_tags": "",
        "abort_action": "false",
        "execute_function": "false",
        "filter_condition": "",
        "sys_package": "dffc0b026f0202009b8ab4bc5d3ee49d",
        "application": "",
        "rest_variables": "",
        "sys_customer_update": "false"
    }, {
        "sys_replace_on_upgrade": "false",
        "read_access_action": "false",
        "action_insert": "false",
        "action_update": "false",
        "advanced": "true",
        "action_delete": "false",
        "sys_updated_on": "2015-11-23 22:25:23",
        "when": "before_display",
        "sys_updated_by": "admin",
        "sys_created_on": "2015-11-23 21:26:39",
        "action_name": "",
        "sys_domain": "global",
        "sys_name": "Rule validation on Identifier Entry form",
        "sys_created_by": "admin",
        "order": "999",
        "__status": "success",
        "onclick": "",
        "active": "true",
        "sys_overrides": "",
        "collection": "cmdb_identifier_entry",
        "priority": "100",
        "script": "new IdentificationRuleValidator(current.sys_id).validate();",
        "action_run_at": "",
        "condition": "gs.isInteractive() && !current.isNewRecord()",
        "sys_update_name": "sys_script_0037d7579f330200d3921a1cf67fcf1d",
        "name": "Rule validation on Identifier Entry form",
        "role_conditions": "",
        "sys_policy": "",
        "client_callable": "false",
        "template": "",
        "access": "package_private",
        "change_fields": "false",
        "description": "",
        "action_query": "false",
        "action_label": "",
        "sys_class_name": "sys_script",
        "sys_id": "0037d7579f330200d3921a1cf67fcf1d",
        "is_rest": "false",
        "rest_method_text": "",
        "rest_service_text": "",
        "sys_scope": "global",
        "rest_method": "",
        "rest_service": "",
        "add_message": "false",
        "sys_mod_count": "1",
        "message": "",
        "sys_tags": "",
        "abort_action": "false",
        "execute_function": "false",
        "filter_condition": "",
        "sys_package": "608932836f001100bfe59be44b3ee4df",
        "application": "",
        "rest_variables": "",
        "sys_customer_update": "false"
    }]
}

Also, check what this shows: https:///api/now/table/sys_script

Keeps asking for authentication on that one

Build name: Helsinki Build date: 03-22-2017_2340 Build tag: glide-helsinki-03-16-2016__patch9-hotfix0a-03-17-2017

same version as my personal instance, and in my personal instance it works

dynamicdan commented 7 years ago

The first URL shows that you can access records. This is the same URL/JSON call that SN-Filesync uses. I did however have problems with this call on a newer SN instance with some kind of ACL blocking me. I'm wondering if we need to modify the table access settings "Allow web services". There are numerous posts on this topic on the community. I'll see what I can find out. You should also look into allowing more read/write access to see if that resolves the issue. There is either a web API ACL rule OR it's just a setting on your user account or table.

Have you had this problem with an Istanbul instance?

vrfox commented 7 years ago

So I found it, they just explained to me that the user that makes the API calls has to be basic auth, my users while its admin it is SSO so no API access.