The Zurich release has arrived! Interested in new features and functionalities? Click here for more

best practise to authenticate external users

bauwenser3
Kilo Explorer

‎06-22-2015 10:43 AM

Does anyone knows the best way and most secure way is to authenticate external users on ServiceNow?

We are in the process of building an application that needs to be exposed to users from our organization (they can be savely added as ServiceNow users)

and external users (from the outside world - the Internet), our concern is that if we make our application available to the public is that our ServiceNow instance might be compromised. We do not have enough experience with the ServiceNow security model to approach this, so if anyone can guide me into the right directon I will be most grateful. Thanks.

0 Helpfuls
  • 1,546 Views
2 REPLIES 2

Pradeep Sharma
ServiceNow Employee
ServiceNow Employee

‎06-22-2015 10:47 AM

Hi Eric,



You may find the below link helpful.


http://wiki.servicenow.com/?title=External_Authentication_(Single_Sign-On_-_SSO)#gsc.tab=0


trishjohnson
Kilo Guru

‎10-20-2016 11:59 AM

Little late for the reply, but for us at BD it's self-registration.



http://wiki.servicenow.com/index.php?title=User_Self-Registration#gsc.tab=0



Multi-SSO is great!   But what are your chances of getting all that SSO information from every company you work with?   Not very likely.



Our friendly URL that we give to the world sends you to a Self-Registration page where you can either click to login if you've been there before, or Register.   We capture some critical information in registration that we can tag to their user profile (Company, Vendor/Customer, Country, etc..) and then all registrations are sent to approval groups based on WHO/WHAT the person registering is.



HIGHLY recommend this mechanism unless you're talking about a few small companies that you're confident you'll have all IDP, SSO and IT support from THEM to make work.


0 Helpfuls