search cancel

ServiceNow Securlet stops working after 100 days

book

Article ID: 226301

calendar_today

Updated On:

Products

CASB Security Advanced CASB Security Premium CASB Security Standard CASB Securlet SAAS

Issue/Introduction

The ServiceNow Securlet has been working without any issue for about 3 months, but it abruptly stops fetching new events. 

Cause

The ServiceNow OAuth API issues refresh tokens with a default 8640000 seconds (100 days) lifespan. As a result, the ServiceNow Securlet will not be able to fetch new information after the refresh token lifespan ends.

Resolution

Deactivating and reactivating the ServiceNow Securlet can reset the refresh lifespan.

Additionally, the ServiceNow admin can set the Refresh Token Lifespan to a very large number to ensures the Refresh token does not expire every 100 days. 

Additional Information

This is the known refresh token issue. ServiceNow didn't give us much feedback on this. This issue is known from ServiceNow. The recommendation is to set a very long refresh token expiry (default is 100days, I believe -so put something like two years or so). If the customer's security team doesn't allow them to set the refresh token that long, they'll keep facing this and have to reactivate it to fetch a new refresh token.

Attachments