SAML Azure Redirect URL

scottangehr
Giga Guru

Hey team

Looking for a little guidance. We just went live with SSO (Azure SAML) and a request was brought up to fix the redirect if a user has it bookmarked or goes to the URL directly.

So if a user goes directly to https://instance.service-now.com, it redirects to navpage.do and goes to the login screen. I've been reading through KB0786071 and need to know where to change to https://instance.service-now.com/login_with_sso.do?glide_sso_id=<sys_id of the sso configuration>?

We want it to redirect to the Azure login page.

Any help would be greatly appreciated!

TY,
Scott

1 ACCEPTED SOLUTION

ersureshbe
Giga Sage

Hi,

You should follow these steps to enable SSO in ServiceNow.

Navigate to Multi-Provider SSO -> Identity providers

Click on ‘Generate Metadata’.

Share the generated metadata xml with Azure.

Configure Encryption and Signing (SAML) properties

Navigate to Multi-Provider SSO -> Identity providers -> Encryption And Signing

Set the properties as follows:

Signing/Encryption Key Alias: ‘saml2sp’

Signing/Encryption Key Password: ‘saml2sp’

Signing Signature Algorithm: ‘http://www.w3.org/2001/04/xmldsig-more#rsa-sha256’ // Check which algorithm Azure supports.

Navigate to Multi-Provider SSO -> Identity providers -> User Provisioning

Enable property ‘Auto Provisioning User’

Enable property ‘Update User record upon Each Login’

Configure saml2 keystore in System properties

Navigate to System properties

Select ‘glide.authenticate.sso.saml2.keystore’

Update the value for this property with the ‘sys_id’ of the ‘SAML 2.0 Keystore_Key2048_SHA256_FIPS’ certificate // Check whether Azure supports 256 or something different.

This step ensures the proper SAML keystore is used for SAML communication in SSO.


Configure the landing page for users based on role

To land users on the right URL, implement the following steps:

Implement a ‘Script Include’ which redirects the request to the appropriate URL. It should provide 2 functionalities: ‘getFirstPageUrl’ and ‘getLoginPageUrl’.

Configure the system property ‘glide.entry.first.page.script’ to call the functionality ‘getFirstPageUrl’ from the above Script Include.

Configure the system property ‘glide.entry.page.script’ to call the functionality ‘getLoginURL’ from the above Script Include.

You must check whether the highlighted field is configured with the correct Azure URL.


Please mark as correct answer if it helped.

Regards,

Suresh.
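
The landing-page logic described in the answer above, as an added example that is not part of the original post and not ServiceNow's own code: plain JavaScript that models the two functions, validates the glide_sso_id value and keeps bookmarked targets on the instance. The host, the sys_id value, the session object and the helpers isSysId and isLocalPath are assumptions; a real Script Include would use the platform's own request and session objects.

```javascript
// Added example: models the redirect logic only, not ServiceNow platform API.
// Constructed placeholder values, not real records.
const INSTANCE_HOST = 'instance.service-now.com';
const SSO_SYS_ID = '0123456789abcdef0123456789abcdef';

// A sys_id is 32 hexadecimal characters; reject anything else so no extra
// parameters or markup can ride along in the query string.
function isSysId(value) {
  return typeof value === 'string' && /^[0-9a-f]{32}$/i.test(value);
}

// Login page for unauthenticated users: the SSO entry point from the question.
function getLoginPageUrl(host, ssoSysId) {
  if (!isSysId(ssoSysId)) {
    throw new Error('glide_sso_id must be a 32-character sys_id');
  }
  const url = new URL('/login_with_sso.do', 'https://' + host);
  url.searchParams.set('glide_sso_id', ssoSysId);
  return url.toString();
}

// Accept a bookmarked target only if it resolves to the instance's own origin.
// Inputs such as "//other.example/x" start with "/" but resolve off-host.
function isLocalPath(host, target) {
  if (typeof target !== 'string' || !target.startsWith('/')) return false;
  const base = 'https://' + host;
  try {
    return new URL(target, base).origin === new URL(base).origin;
  } catch (e) {
    return false;
  }
}

// First page: unauthenticated users are sent to SSO; logged-in users get the
// bookmarked page if it is local, otherwise the default navpage.do.
function getFirstPageUrl(host, ssoSysId, session, requested) {
  if (!session.loggedIn) return getLoginPageUrl(host, ssoSysId);
  const path = isLocalPath(host, requested) ? requested : '/navpage.do';
  return new URL(path, 'https://' + host).toString();
}
```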


3 REPLIES 3

Good day Suresh

Thank you for this guidance. Quick question. sysid for the Keystore...is that of the certificate that we are using or the OOB provided by SN?

Thanks again
Scott

Yes, you are correct.

Regards,
Suresh.