How to make a ServicePortal Page auto redirecting to Single Sign On page instead of default login page?

sshah10 · ‎06-23-2018

Hello,

I have recently successfully implemented a SAML 2 based Azure Single Sign On (SSO), which now allows users to sign in using their microsoft account. After implementing the SSO, I had also configured the system property, glide.authenticate.sso.redirect.idp, where I have saved the sys id for our identity provider, to ensure users are automatically redirected to the microsoft login page when they are accessing the instance as a non-logged in user, as suggested at: https://docs.servicenow.com/bundle/geneva-servicenow-platform/page/integrate/single_sign_on/task/t_M....

There are a few issues I have observed and that users have reported based on this implementation, which I was hoping somebody here can help me resolve.

The first issue is, when a non-logged in user, navigates directly to a portal page within our instance, which requires a logged in user to access it, i.e. https://[instance_name].service-now.com/[portal_page_name], they are auto redirected to the default Service Portal login page, instead of being auto redirected to the Microsoft SingleSign On page. how can i configure the service portal to also auto redirect to the single sign on idp, I have looked online and have attempted some suggested solutions, but none of them seem to work.

Secondly, a few users complained about their page automatically being refreshed while they were working on Studio, by the SSO (as the url changes to microsoft login), causing them to lose any unsaved work. I believe the issue may be related to some kind of inactivity timers, but I am not entirely sure. What could be the cause for this issue and what can I do to resolve it.

I would really appreciate any solution for the above issues I have mentioned in relation to SSO implementation

Thank you.

Mike Patel · ‎06-23-2018

Update below system properties with the sysid of IDP. Go to sys_properties.list Search: name is glide.authenticate.sso.redirect.idp

neetusingh · ‎06-23-2018

Can you check if your instance has "Integration - Multiple Provider Single Sign-On Installer" plugin as "Active". If not, please activate that and check again if SP redirects to IDP page.

And for session time out, there is an out of the box system property - glide.ui.session_timeout (30 minutes). You can modify the time as per the need.

Note: Users who select the Remember me checkbox will never timeout and are unaffected by session timeout properties.

https://docs.servicenow.com/bundle/geneva-servicenow-platform/page/administer/user_sessions/task/t_ModifySessionTimeout.html

sshah10 · ‎06-23-2018

Hello,

Thank you for your quick reply.

Enabling "Integration - Multiple Provider Single Sign-On Installer" was the first thing I had to do to configure single signon in servicenow with azure, I had used the following guide to help me configure the single sign-on: https://docs.microsoft.com/en-gb/azure/active-directory/saas-apps/servicenow-tutorial.

Thank you very much I will attempt to increase the glide.ui.session_timeout value to see if it fixes the refresh issue. The users that faced the issue, said they were facing it even though they clicked yes to the "stay signed in" option in the microsoft login page.

Pedro Nascimen1 · ‎10-01-2019

Have you figured out how to do this? I need to do exactly the same thing and nothing that I've tried or saw on the community/docs worked.