e-signature using external IdP required for approvals

Ve Bui · ‎04-13-2023

I'm trying to configure an e-signature using an external IdP when approving a change request. This is for CFR Part-11 compliance. I've successfully configure the new identity provider in ServiceNow to authenticate with Okta. But I can't figure out how to trigger an re-authentication call to the newly configured IdP when I approve the change request.

I'm using the following product documentation:

https://docs.servicenow.com/bundle/rome-servicenow-platform/page/product/managed-documents/task/t_En...

https://docs.servicenow.com/bundle/sandiego-servicenow-platform/page/build/service-portal/task/enabl...

The attached image depicts what is currently happening when I modify a change request from Approved to Requested. Except that it just re-authenticates with ServiceNow again. I need this to call out to Okta to re-auth. See picture.

Randheer Singh · ‎04-14-2023

You can follow the steps provided here
https://docs.servicenow.com/bundle/utah-build-workflows/page/integrate/single-sign-on/task/sso-esign...

Ve Bui · ‎04-16-2023

I have Approval with e-Signature plugin enabled and SAML configuration to my Okta IdP configured but still not able to get Okta to pop up. I'll double check my work and let you know how it goes. Thank you in advance.

johnfeist · ‎05-09-2023

We are doing similar via Azure. What we got told is that we need to have the ForceAuthnRequest (Advanced tab) checked. When I made that change, I started getting the authentication request from Azure. The problem is that it functionally breaks SSO because now whenever users log in, they are forced to provide credentials.

Hope that helps.

:{)

Helpful and Correct tags are appreciated and help others to find information faster