From c89a0e2faf5e3c399e32ce177ac2d00d6042ddf9 Mon Sep 17 00:00:00 2001
From: Charanjeet <35090930+Charanjet@users.noreply.github.com>
Date: Sat, 18 Oct 2025 15:58:29 +0530
Subject: [PATCH 1/2] Add API token expiry warning notification script

---
 .../API Token Expiry Warning.js               | 53 +++++++++++++++++++
 1 file changed, 53 insertions(+)
 create mode 100644 Server-Side Components/Scheduled Jobs/API Token Expiry Warning/API Token Expiry Warning.js

diff --git a/Server-Side Components/Scheduled Jobs/API Token Expiry Warning/API Token Expiry Warning.js b/Server-Side Components/Scheduled Jobs/API Token Expiry Warning/API Token Expiry Warning.js
new file mode 100644
index 0000000000..6b43987d6b
--- /dev/null
+++ b/Server-Side Components/Scheduled Jobs/API Token Expiry Warning/API Token Expiry Warning.js	
@@ -0,0 +1,53 @@
+(function() {
+
+    // Configuration via system properties
+    var warningDays = parseInt(gs.getProperty('api.token.expiry.warning.days', '7'), 10); // Days before expiry to warn
+    var emailRecipients = gs.getProperty('api.token.expiry.email.recipients', 'admin@example.com'); // Comma-separated emails
+
+    // Current time and warning threshold time
+    var now = new GlideDateTime();
+    var warningDate = new GlideDateTime();
+    warningDate.addDays(warningDays);
+
+    // Query oauth_credential records with expires_on between now and warningDate
+    var gr = new GlideRecord('oauth_credential');
+    gr.addQuery('expires_on', '>=', now);
+    gr.addQuery('expires_on', '<=', warningDate);
+    gr.addQuery('active', '=', true); // Only active tokens
+    gr.orderBy('expires_on');
+    gr.query();
+
+    if (!gr.hasNext()) {
+        gs.info('No OAuth credentials nearing expiry within ' + warningDays + ' days.');
+        return;
+    }
+
+    // Build notification email body
+    var emailBody = '<h3>API Token Expiry Warning</h3>';
+    emailBody += '<p>The following OAuth credentials are set to expire within ' + warningDays + ' days:</p>';
+    emailBody += '<table border="1" cellpadding="5" cellspacing="0" style="border-collapse:collapse;">';
+    emailBody += '<tr><th>Name</th><th>User</th><th>Client ID</th><th>Expires On</th></tr>';
+
+    while (gr.next()) {
+        emailBody += '<tr>';
+        emailBody += '<td>' + gr.getDisplayValue('name') + '</td>';
+        emailBody += '<td>' + gr.getDisplayValue('user') + '</td>';
+        emailBody += '<td>' + gr.getValue('client_id') + '</td>';
+        emailBody += '<td>' + gr.getDisplayValue('expires_on') + '</td>';
+        emailBody += '</tr>';
+    }
+    emailBody += '</table>';
+    emailBody += '<p>Please review and renew tokens to avoid integration failures.</p>';
+
+    // Send the email
+    var mail = new GlideEmailOutbound();
+    mail.setFrom('no-reply@yourdomain.com');
+    mail.setSubject('[ServiceNow] OAuth API Token Expiry Warning');
+    mail.setTo(emailRecipients);
+    mail.setBody(emailBody);
+    mail.setContentType('text/html');
+    mail.send();
+
+    gs.info('OAuth token expiry warning email sent to: ' + emailRecipients);
+
+})();

From c1d3a55e045beb78bd2387c0f77374d625dec0ef Mon Sep 17 00:00:00 2001
From: Charanjeet <35090930+Charanjet@users.noreply.github.com>
Date: Sat, 18 Oct 2025 15:59:40 +0530
Subject: [PATCH 2/2] Create Readme.md for API Token Expiry Warning script

Added documentation for the API Token Expiry Warning script, detailing its purpose and benefits.
---
 .../Scheduled Jobs/API Token Expiry Warning/Readme.md        | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 Server-Side Components/Scheduled Jobs/API Token Expiry Warning/Readme.md

diff --git a/Server-Side Components/Scheduled Jobs/API Token Expiry Warning/Readme.md b/Server-Side Components/Scheduled Jobs/API Token Expiry Warning/Readme.md
new file mode 100644
index 0000000000..4ec5e8a490
--- /dev/null
+++ b/Server-Side Components/Scheduled Jobs/API Token Expiry Warning/Readme.md	
@@ -0,0 +1,5 @@
+API Token Expiry Warning Script
+**Overview**
+This script provides proactive monitoring and alerting for OAuth API tokens stored in the ServiceNow oauth_credential table. It identifies tokens nearing expiry within a configurable countdown window and sends notification emails to administrators, helping prevent sudden integration failures due to expired credentials.
+**Problem Solved**
+API tokens used for integrations have expiration timestamps after which they become invalid. Without early warnings, tokens can expire unnoticed, causing integration outages, failed API calls, and increased support incidents. This solution enables administrators to receive timely alerts allowing proactive token renewal and smoother integration continuity.