Service Portal redirect to SSO (ADFS)

na93 · ‎03-02-2018

Hi All,

I've been researching SSO/Redirects but haven't been able to come up with a solution to my problem unfortunately.

What I am looking to do is if a user navigates to test.service-now.com/sp they are redirected to our IDP (SSO) and then after authentication they are then passed back to the Service Portal. I only want this to happen for /sp not anything else.

I'm guessing the script include for the SPEntryPage will need modified. Has anyone does this before or has any examples of what I'd be looking to change on the script include?

Any help/pointers would be greatly appreciated.

Thanks,
Nabeel

nthumma · ‎03-05-2018

Add a login page to your portal and on the login page, you need to add a widget which handles the redirection.

Server-side script of widget

(function() {
	/* populate the 'data' object */
	/* e.g., data.table = $sp.getValue('table'); */
	data.failed = false;
	data.success = false;
	
	
	
	data.is_logged_in = gs.getSession().isLoggedIn();
	
	
	if (data.is_logged_in)
		data.success = true;
	if (!data.is_logged_in)
		data.failed = true;
	
	data.user_start_page = gs.getSession().getProperty("starting_page");
	data.default_idp = gs.getProperty("glide.authenticate.sso.redirect.idp");	
	if (input && input.action === "set_sso_destination") {
	var gs_nav_to = gs.getSession().getProperty("nav_to");
	gs.getSession().putProperty("nav_to", null);
    
	
		
	if (!gs.getSession().getProperty("starting_page"))
		gs.getSession().putProperty("starting_page", null);

	return;
}
	
})();

Client controller code

function($scope, $window) {
	/* widget controller */
	var c = this;
	c.failed = $scope.data.failed;
	c.success = $scope.data.success;
	
	var LoginRedirect = function() {
		if (c.success) {
			console.log('user is logged in');
			return;
		}
		if (c.failed){
			c.server.get({
				action: "set_sso_destination",
				//pageURI: c.data.user_start_page
			}).then(function() {
				var url = "/sp&glide_sso_id="+c.data.default_idp;
				$window.location.href = url; 
			   console.log('user was not logged in AND redirect succeeded');
			   return;
			});
		}
	};
	
	LoginRedirect();
}

View solution in original post

na93 · ‎03-07-2018

Hi,

I've just tried this in our Dev enviroment and seems to be re-directing which is great thank you!

But I have one quick question please..

Our base URL seems to be redirecting at the same time rather than just /sp? Is this because of the "glide.authenticate.sso.redirect.idp" property that's set?

Thanks,

Nabeel

nthumma · ‎03-07-2018

what is it set to? maybe you can check your SPEntryPage script include?

na93 · ‎03-08-2018

It is set to the sys id of the our IDP, but I'm guessing we don't need this property since we don't want everything to redirect to IDP? I have not modified the SPEntryPage so it is currently OOTB.

Also should I disable the OOTB login widget if I'm using this one?

Apologizes for my lack of knowledge here still trying to get to grips with SSO/Redirects etc.

Christine Mayf2 · ‎08-18-2021

Super helpful!