Single user automatically redirecting to logout page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-20-2016 07:30 AM
We have a single user who for unknown reasons is unable to log into our ServiceNow live instance. When the user logs in through our simplesaml login portal it accepts his details and then redirects him to lboro.service-now,com/logout_redirect.php and then immediately redirects him to our simplsaml logout page. There are no error messages that occur and the whole thing happens instantaneously. .
This only happens with this single user. I've tested his account on my computer and the same issue occurs so it only seems to be his account. His account is active in ServiceNow and I'm able to impersonate it through my admin account without issue.
Not entirely sure where to start with troubleshooting this. I've checked our login rules and UI scripts but could find nothing that would suggest why this is happening. The user is just a customer filling out a form in the Services and has no roles within ServiceNow (other users without roles are able to sign in without any issue).
Can anyone assist? Thanks in advance.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-17-2020 11:56 AM
Hello, I will continue providing my feedback based on my Azure configuration, but from this point forward it could be different for Google Suite. I am not familiar with Google Suite.
Every ServiceNow instance needs to have their own Identity provider configuration. What I mean by this is that no clone or import/export of the identity provider record from one instance to another should be done.
In your case, you should have two applications in your Google Suite and one Identity provider in each instance.
Google Suite list of application
ServiceNow DEV application - with users and/or groups configured for SSO
ServiceNow TEST application - with users and/or groups configured for SSO
** The user must be added to both application to have access to ServiceNow. If you are using groups to provide the access, then the user needs to be on the group used for each or both application.
ServiceNow:
Identity provider in DEV - verify all the fields, and also the certificate. It should match with the one provided from Google Suite.
Identity provider in TEST - verify all the fields, and also the certificate. Compare with DEV to see if you can identify what is difference making Test not working. I would suggest going to the Advance tab to see what you have in the User Field. In my setup, it works by having user_name in the User Field.
The configuration of each identity provider should be auto-generated by using the Metadata URL. In my case, after providing the metadata URL the only change I needed to complete was to update the NameID Policy and remove the Identity Provider's SingleLogoutRequest. Pay close attention to those two field when comparing with DEV that is working.
Having a single user not able to login, but having others successfully able to makes me still think that something can be wrong with the user profile in TEST and/or the user profile in your Identity Provider(Google Suite). If you have a user that is able to authenticate in TEST and DEV, compare that user profile in Google Suite with your user having the issue.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-02-2020 11:14 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-06-2020 01:23 PM
Yes,
I was able to resolve issue with the help of this article
https://hi.service-now.com/kb_view.do?sysparm_article=KB0822358
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-02-2021 07:14 AM
Hi Service manager,
I am facing the same issue for one of the users. I am unable to view this article.
Can you suggest what steps were taken to fix this issue?
Regards,
Surabhi
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎11-08-2021 04:15 AM
In our case it initially started with Single user. But when people completely log out of their accounts, it is happening with everyone who ever is logged out. Test from an Incognito window to confirm if this is happening to you as well without logging out from your browser as you will need the access to the instance.
Solution : IDP record might be missing. You need to navigate to below URL and open one of the listed IDP records that you with to get redirected to and click on 'set as auto redirect idp' under the related links.
https://yourInstance.service-now.com/sso_properties_list.do?sysparm_query=&sysparm_view=
This will ensure https://yourInstance.service-now.com navigates to IDP login page where users can login using SSO. or Navigate to Identity Providers under Multi-Provider SSO Application
Multi-Provider SSO - > Identity Providers and follow above instructions. This fixed our issue.
