web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

Agent Academy Hackathon is happening now!
Welcome to the Power Platform Communities
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Copilot Studio / ServiceNow Connector -...
Copilot Studio
Suggested Answer

ServiceNow Connector - Missing Code_Challenge Parameter

(1) ShareShare
ReportReport
Posted on by CU06041633-0 4
I am trying to use the ServiceNow Connector in Copilot Studio, but I am having difficulties establishing the connection. I am trying to authenticate using OAuth2 and I have created an OAuth API endpoint for external clients. However, whenever I test the connection using Copilot Studio, it gives me the error: Missing code_challenge parameter in the request. I have tested this connecting using Postman and it works, but not sure why it doesn't work with Copilot. Anyone have any ideas on how to fix this?
Categories:
General topics
I have the same question (0)
  • Suggested answer
    Michael E. Gernaey Profile Picture
    Michael E. Gernaey 53,963 Moderator on at
     
    Are you adding the header?
     
    Firstly let me share this
     
    And Share this where you can see to generate the challenge
     
    Here's a breakdown of the process:
     
    1. Understanding the Concept
    • PKCE (Proof Key for Code Exchange):
      PKCE is a security enhancement for OAuth 2.0 authorization code grant, designed to protect against potential vulnerabilities, especially when dealing with public clients.
    • Code Verifier and Code Challenge:
      A code verifier is a randomly generated secret, and the code challenge is a transformed version of the code verifier, used in the authorization request. 
       
    2. Power Automate Flow Steps
    • Create a Power Automate Flow:
      • Start a new automated cloud flow in Power Automate. 
         
      • Choose a trigger that suits your needs, such as "When an HTTP request is received" or "When an item is created/modified". 
         
    • Generate a Code Verifier:
      • Add a "Compose" action to generate a random code verifier. 
         
      • Use a formula like base64ToText(encodeBase64(NewGuid())) to create a random string. 
         
    • Derive the Code Challenge:
      • Add another "Compose" action to derive the code challenge. 
         
      • Use a formula like sha256(base64ToText(encodeBase64(outputs('Compose_1').body))) to perform the SHA256 hash of the code verifier. 
         
    • Store the Code Verifier:
      • Add a "Create file" action to store the code verifier securely. 
         
    • Prepare the Authorization Request:
      • Add an "HTTP" action to make the request to the ServiceNow authorization endpoint. 
         
      • Configure the request with:
        • Method: POST 
           
        • URL: ServiceNow's authorization endpoint URL 
           
        • Headers:
          • Content-Type: application/x-www-form-urlencoded 
             
          • Authorization: Bearer <your_bearer_token> (if applicable) 
             
        • Body:
          • client_id=<your_client_id> 
             
          • redirect_uri=<your_redirect_uri> 
             
          • scope=<your_scope> 
             
          • code_challenge=<code_challenge> 
             
          • code_challenge_method=S256 
             
          • state=<your_state> (optional, for tracking) 
             
    • Handle the Response:
      • Add actions to handle the response from ServiceNow, such as:
        • Extracting the authorization code from the response 
           
        • Sending the authorization code to the next step in your flow 
           
        • Storing the authorization code for later use 
           
    3. ServiceNow Configuration
    • OAuth 2.0 Application:
      • Create an OAuth 2.0 application in ServiceNow.
      • Configure the application with:
        • Client ID: The client ID for your application
        • Client Secret: The client secret for your application
        • Redirect URI: The URL where ServiceNow will redirect the user after authorization
        • Scope: The permissions your application needs
    • Authorization Endpoint:
      • Note the authorization endpoint URL for your ServiceNow instance. 
     
     
    If this helps please Mark as such and maybe a like!!
     
    Cheers
  • EF-02072235-0 Profile Picture
    EF-02072235-0 3 on at
    Hello @Michael E. Gernaey

    I am having a similar issues when trying to establish a Service Now Knowledge Base for my Agent. It seems like the "Code_Challenge" parameter in the header of the request might note be there? how do you fix that? I have tried in both Chrome and Edge.


Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Agent Academy Hackathon is happening now!
Welcome to the Power Platform Communities

Quick Links

Introducing the 2026 Season 1 community Super Users

Congratulations to our 2026 Super Users!

Kudos to our 2025 Community Spotlight Honorees

Congratulations to our 2025 community superstars!

Congratulations to the April Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Copilot Studio

#1
Valantis Profile Picture

Valantis 531

#2
Vish WR Profile Picture

Vish WR 293

#3
Haque Profile Picture

Haque 208

Last 30 days Overall leaderboard

Featured topics

Announcing the "Microsoft Copilot Studio ❤️ MCP" lab
Block PII/PCI in Copilot Studio agent user prompt

Product updates

Microsoft Power Platform Community release plans