Set up the Microsoft Azure DevOps Boards spoke using OAuth

  • Freigeben Version: Australia
  • Aktualisiert 12. März 2026
  • 4 Minuten Lesedauer

    • Integrate the ServiceNow instance and Azure DevOps Boards using OAuth 2.0 authentication to authenticate ServiceNow requests.

    Vorbereitungen

    • Request an Integration Hub subscription.
    • Activate Azure DevOps Boards spoke
    • Role required: admin.
    Wichtig:
    • If you are setting up the Azure DevOps Boards spoke using OAuth, you need not set up the spoke using personal access token.
    • If the Azure DevOps Boards spoke is already configured and set up, ensure that you set the value of Active to false for the existing connection before you proceed to set up the spoke using OAuth.

      If connection is already configured, set the value of Active to false.

    Register an application using the Microsoft Azure portal

    Provide authorization to the ServiceNow instance by registering an application in the Microsoft Azure portal.

    Vorbereitungen

    Role required: admin.

    Warum und wann dieser Vorgang ausgeführt wird

    Complete these steps from the Microsoft Azure portal.

    Prozedur

    1. Log in to the Microsoft Azure portal as an admin.
    2. Click App Registrations.
    3. Click New registration.
    4. On the form, fill in fields as per your requirement.
      For Redirect URI, specify the ServiceNow instance URL in this format: https://<ServiceNow-Instance-Name>.service-now.com/oauth_redirect.do.

      Register an application in Microsoft Azure portal.

    5. Click Register.
      The application is created and the values of Application (client) ID and Directory (tenant) ID are displayed.

      Values of Application (client) ID and Directory (tenant) ID displayed after application creation.

    6. Copy and record the values of Application (client) ID and Directory (tenant) ID.
    7. Generate a client secret for the application.
      1. Under Manage, click Certificates & secrets.
      2. Click New client secret.
      3. On the form, enter provide a description and specify the duration after which the secret expires.
      4. Click Add.

        Create a client secret.

        The client secret is created and its value is displayed.
      5. Copy the value of client secret for later use.

        Copy the value of client secret for later use.

    8. Provide the required API permissions to the application.
      1. Under Manage, click API permissions.
      2. Click Add a permission.
      3. Under Microsoft APIs, click Azure DevOps.

        Add API permissions.

      4. Expand vso and select these permissions vso.project_manage and vso.work_full.
        The User.Read permission under Microsoft Graph is selected by default. Configure other permissions as per your requirement.
      5. Click Grant admin consent for ServiceNow.

        Grant admin consent for ServiceNow.

      6. When prompted, confirm your choice to grant admin consent for ServiceNow.

    Ergebnisse

    An application has been registered in Microsoft Azure portal. You can use this application to connect to your Azure DevOps project from ServiceNow instance.

    Create an application registry in ServiceNow instance

    Use the information generated while registering an application in Microsoft Azure portal to create an application registry record in your ServiceNow instance.

    Vorbereitungen

    Role required: admin

    Prozedur

    1. Navigate to All > System OAuth > Application Registry.
    2. Click New.

      The system displays the message What kind of OAuth application?

    3. Select Connect to a third party OAuth Provider.
    4. On the form, fill in the fields.
      Tabelle : 1. Application Registries form
      Field Description
      Name Name to identify the application registry record. For example, Azure DevOps Boards OAuth App Reg.
      Client ID Value of Application (client) ID generated after you registered application in Azure portal.
      Client Secret Value of client secret generated after you registered application in Azure portal.
      Default Grant type Select Authorization Code.
      Token URL Token URL in this format: https://login.microsoftonline.com/<Tenant_ID>/oauth2/v2.0/token. Replace <Tenant_ID> with the value of Directory (tenant) ID generated after you registered application in Azure portal.
      Authorize URL Authorize URL in this format: https://login.microsoftonline.com/<Tenant_ID>/oauth2/v2.0/authorize. Replace <Tenant_ID> with the value of Directory (tenant) ID generated after you registered application in Azure portal.
    5. Click the OAuth Entity Scopes tab.
    6. Insert two rows with these values.
      Name OAuth scope
      vso.project_manage https://app.vssps.visualstudio.com/vso.project_manage
      vso.work_full https://app.vssps.visualstudio.com/vso.work_full
      offline_access offline_access

      Add OAuth Entity Scopes.

    7. Right-click the form header and click Save.

    Ergebnisse

    The application registry record is created and an OAuth entity profile record is created. For example, Azure DevOps Boards OAuth App Reg default_profile.

    Create a credential record for the Azure DevOps Boards spoke

    Create a credential record for the Azure DevOps Boards account. The Azure DevOps Boards spoke connection and credential alias uses this credential to authorize actions.

    Vorbereitungen

    Role required: admin

    Prozedur

    1. Navigate to All > Integration Hub > Connections & Credentials > Credentials.
    2. Click New.

      The system displays the message What type of Credentials would you like to create?.

    3. Select OAuth 2.0 Credentials.
    4. On the form, fill in the values.
      Tabelle : 2. OAuth 2.0 Credentials form
      Field Description
      Name Name of the credential record. For example, Azure DevOps Spoke OAuth Cred.
      OAuth Entity Profile Select the OAuth entity profile created when you created the application registry record. For example, Azure DevOps Boards OAuth App Reg default_profile.
    5. Right-click the form header and click Save.
    6. Click the Get OAuth Token related link.
      OAuth Refresh token is generated upon authentication and its expiry details are also displayed.

    Create a connection record for the Microsoft Azure DevOps Boards Spoke

    Create a connection record that enables the ServiceNow instance to send connection requests to the Microsoft Azure DevOps Boards.

    Vorbereitungen

    Role required: admin

    Prozedur

    1. Navigate to All > Process Automation > Workflow Studio.
    2. Select Integrations.
    3. In the Search all connections field, enter Azure DevOps Boards.
      Confirm that the Outbound tab is selected.
    4. In the Azure_DevOps_Boards tile, select View Details.
      View Details button on Azure DevOps Boards tile.
    5. Select Configure.
    6. Fill the form.
      Tabelle : 3. Azure DevOps Boards connection form
      Field Description
      Connection Name Option to provide the name of the connection record. The default and read-only name of the first connection record that you create is Azure_DevOps_Boards.
      Connection URL Option to provide the endpoint that the alias uses to interact with your Azure DevOps environment.
      Client ID Option to provide the client ID that you generated while registering an application on Microsoft Azure portal.
      Client Secret Option to provide the client secret that you generated while registering an application on Microsoft Azure portal.
      OAuth Redirect URL Option to provide the redirect URL. You must provide the redirect URL in the format https://<your-instance-name>.service.now.com/oauth_redirect.do.
      Tenant ID Option to provide the tenant ID that you generated while registering an application on Microsoft Azure portal.
      Create Connection form.
    7. Select Create and Get OAuth Token.
      You log in to the Microsoft Azure portal and upon successful authentication, OAuth token is issued.

      OAuth token is available.