We are looking to implement the ServiceNow Jira Webhook (JiraCloud) to enable bi-directional updates. In the push flow from Jira to ServiceNow, the configuration documentation uses API Token.
Is it possible to use OAuth instead of the API Token.
If not, what are security best practices to secure the webhook? E.g., IP address restrictions
Thanks for the reference. We will see if we can use this.
Re the ServiceNow spoke - we are using the servicenow jira spoke - but the documentation for the bidirection flow back from Jira to ServiceNow only specifies API token, and the infosec security team are raising a risk on API tokens.