ServiceNow Securlet stops working after 100 days
search cancel

ServiceNow Securlet stops working after 100 days

book

Article ID: 226301

calendar_today

Updated On:

Products

CASB Security Advanced CASB Security Premium CASB Security Standard CASB Securlet SAAS

Issue/Introduction

The ServiceNow Securlet has been working without any issue for about 3 months, but it abruptly stops fetching new events. 

Cause

The ServiceNow OAuth API issues refresh tokens with a default 8,640,000 seconds (100 days) lifespan. As a result, the ServiceNow Securlet will not be able to fetch new information after the refresh token lifespan ends.

Resolution

Deactivating and reactivating the ServiceNow Securlet resets the refresh lifespan.

Additionally, the ServiceNow admin can set the Refresh Token Lifespan to a very large number to ensures the Refresh token does not expire every 100 days. 

Additional Information

The refresh token issue is a known limitation on ServiceNow side. ServiceNow didn't give us much feedback on this.

The expiration period can be extended from the "ServiceNow" side as per the steps provided above; Review with your internal Security Team to make sure that the period set complies with the internal policies and business requirements.

 

Powered by Wolken Software