Hey everyone, I’ve run into a really strange issue with the Data Action calling ServiceNow for PII deletion. The webhook payload matches the docs, but SNOW rejects it.
/api/now/table/incident.401 Unauthorized.Basic auth headers are correct. Token works via Postman. Is there a specific scope required for the OAuth client in the EU-West region?
The documentation actually says nested objects in Data Actions need explicit type mapping in the schema definition, otherwise the platform rejects the payload structure. Check that your input schema matches the ServiceNow API spec exactly.
Oh, this is a known issue with OAuth2 token lifecycles in Data Actions. The documentation explicitly states that refresh intervals must be handled to prevent race conditions, especially when integrating with strict enterprise systems like ServiceNow. The 401 error often occurs not because the initial token is invalid, but because the token expires during the execution window of the GDPR wipe flow. While the suggestion above regarding schema mapping is valid for payload structure, it does not address the authentication failure. In multi-site deployments, the issue frequently lies in the end-point timeout settings rather than the IAM permissions. Try increasing the timeout threshold for the Data Action and ensuring the OAuth client has the specific oauth:client:read scope enabled for the EU-West region. This usually resolves the unauthorized access errors seen in production environments.