ServiceNow Connector is returning 400 Bad Request errors.

The problem is caused by ServiceNow making changes where the new code is rejecting requests from IM because of duplicate header values.

Engineering could not reproduce the duplicate header error with the out-of-box ServiceNow policy and the ServiceNow instance that they have.

The did note that per the API Gateway documentation it seems that the out-of-box policy will add duplicate headers to the HTTP Routing Assertion:

https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-gateway/9-4/policy-assertions/assertion-palette/message-routing-assertions/route-via-http-s-assertion.html#concept.dita_049ffc6cf73f4e1b368ebb8707b00fe50b5546cc_ConfiguringtheAuthenticationTab

The documentation mentions that the "Use HTTP Credentials from Request" option in the Authentication tab itself adds the Authorization header and adding the "Authorization" header in the Headers tab would be redundant. Hence we suggest deleting the explicit "Authorization" header entry under Headers tab in your custom ServiceNowMDT policy and test if that resolves the error you are seeing. Removing this did not impact the out-of-box policy in the testing Engineering did.