ServiceNow Securlet stops working after 100 days
search cancel

ServiceNow Securlet stops working after 100 days


Article ID: 226301


Updated On:


CASB Security Advanced CASB Security Premium CASB Security Standard CASB Securlet SAAS


The ServiceNow Securlet has been working without any issue for about 3 months, but it abruptly stops fetching new events. 


The ServiceNow OAuth API issues refresh tokens with a default 8,640,000 seconds (100 days) lifespan. As a result, the ServiceNow Securlet will not be able to fetch new information after the refresh token lifespan ends.


Deactivating and reactivating the ServiceNow Securlet resets the refresh lifespan.

Additionally, the ServiceNow admin can set the Refresh Token Lifespan to a very large number to ensures the Refresh token does not expire every 100 days. 

Additional Information

The refresh token issue is a known limitation on ServiceNow side. ServiceNow didn't give us much feedback on this.

The expiration period can be extended from the "ServiceNow" side as per the steps provided above; Review with your internal Security Team to make sure that the period set complies with the internal policies and business requirements.