Hello fellow ServiceNow developers,

I’m reaching out to the community for assistance with an issue we’re experiencing regarding redirect functionality after SSO login.

We have implemented a custom Single Sign-On setup, and while it works as expected most of the time, we’ve encountered intermittent problems. Specifically, when users click on a direct link (e.g., to an incident from an email notification) without being authenticated, the behavior is inconsistent:

• Expected Behavior: Users are redirected to the intended page after completing the SSO login.
• Observed Behavior: Sometimes the redirection works correctly, but other times users are redirected to fallback pages.

Technical Implementation:

SSO Authentication:

• We implemented a custom script include named MultiSSO_OIDC_custom, which calls the OOB method new SPEntryPage().getFirstPageURL() from the SPEntryPage script include.
• Additionally, we modified the script with the following line: 

request.getSession().setAttribute('u_redirect_to', session.getProperty("starting_page"));​

Redirect Logic in Single Sign-On Script:

• Our MultiSSO_DigestedToken script includes the following redirect logic: 

var u_redirect_to = request.getSession().getAttribute('u_redirect_to');
gs.info('DEBUG_LOGIN_REDIRECT | User: ' + ugr.getValue("user_name") + ' | Initial Redirect URL: ' + u_redirect_to);
var requestUri = request.getRequestURI();

if (requestUri && requestUri.indexOf('login_with_sso') >= 0) {
    if (u_redirect_to) {
        gs.info('DEBUG_LOGIN_REDIRECT | User: ' + ugr.getValue("user_name") + ' | Role Check: hasItilRole=' + hasItilRole + ', hasAdminRole=' + hasAdminRole + ' | Redirecting to URL: ' + u_redirect_to);
        action.setRedirect(u_redirect_to);
    } else {
        if (hasItilRole || hasAdminRole) {
            gs.info('DEBUG_LOGIN_REDIRECT | User: ' + ugr.getValue("user_name") + ' | ITIL/ADMIN | Redirecting to URL: navpage.do');
            action.setRedirect("/navpage.do");
        } else {
            var defaultRedirect = gs.getProperty('portal_url_redirect');
            gs.info('DEBUG_LOGIN_REDIRECT | User: ' + ugr.getValue("user_name") + ' | END USER | Redirecting to URL: ' + defaultRedirect);
            action.setRedirect(defaultRedirect);
        }
    }
}
​

Behavior Observed in Testing:

• When the u_redirect_to session attribute is correctly captured, the redirection functions as expected.
• In some cases, the u_redirect_to attribute is not set or lost, resulting in a fallback to the default redirection logic.

Has anyone encountered a similar issue with inconsistent redirect behavior in custom SSO implementations? Could this be related to session handling, or are there specific best practices to ensure consistent behavior?

Any insights, recommendations, or examples would be greatly appreciated. I’m happy to provide additional details if needed.

Thank you in advance for your help!

Kind regards,
Tiago Dias