Hi, Wanted to ask if you have found the way about this. I’m on the same boat of figuring how to incorporate the secret for security. Thanks in advance
Hi @salix1981 - Perhaps someone with more knowledge of ServiceNow will jump in for you, but from what I understand you would
- Create a Script REST API with Authentication turned off (Probably be good to restrict the source that would be accepted initially via ACL, etc.)
- Within the Script you would then need to
- Extract the Signature Header from the Request
- Decode Signature (Base64)
- Extract raw request BODY
- Compute the hash using SHA256 and the signing key/secret
- Compare the Signature with the Computed Hash
- Process Request or Reject depending on the outcome of the comparison
UiPath provides C# and Node.js examples of the receiving destination that you could use as a base for your SN REST API Script.