SSO with Service Portal and Multiple Identity Providers
‎05-01-2020 03:27 PM
Hi All,
We have multiple identity providers (and all properties enabled) and want users to have a seamless SSO experience when accessing the portal. Users will be accessing the portal via Okta/Azure or manually via the portal URL. The issue is that whenever a user attempts to access the portal, they are forced to manually input a login instead of using SSO.
I have looked into setting a default identity provider in the glide.authenticate.sso.redirect.idp property, but that does not allow other users outside of that default IdP to log in and authenticate.
Has anyone been able to achieve accessing their portal through SSO? Is there a way to set which SSO IdP users are redirected to? Can we dynamically modify this system property to do so?
Thanks,
‎07-21-2022 04:19 AM
We found the solution today; you may need to alter mail scripts or whichever configuration generates the URL.
In order for seamless authentication to work, the URL needs to be parameterised using nav_to.do.
So for
https://instance.service-now.com/sp?id=ticket&table=incident&sys_id=af1399c64774d51425e8e609736d43fb
It needs to become
https://instance.service-now.com/nav_to.do?uri=sp%3Fid%3Dticket%26table%3Dincident%26sys_id%3Daf1399c64774d51425e8e609736d43fb
There is a great tool here which sparked the answer:
http://www.john-james-andersen.com/blog/service-now/deep-link-generator.html
It appears the use of nav_to.do is an accepted path to hand off to the IdP to authenticate, whereas /sp will not hand off and will return the user to the login page.
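The rewrite described in the answer above, as an added example that is not part of the original posts or of ServiceNow's own code: a plain JavaScript function (it runs in Node.js) that turns a direct portal link into the nav_to.do form and refuses links that do not point at the expected instance. `toDeepLink` and `INSTANCE_HOST` are hypothetical names, and the host is the placeholder used in the post.

```javascript
// Added example: wrap a direct Service Portal link in nav_to.do?uri=...
// toDeepLink and INSTANCE_HOST are hypothetical; the host is the post's placeholder.
const INSTANCE_HOST = "instance.service-now.com";

function toDeepLink(link, instanceHost = INSTANCE_HOST) {
  const url = new URL(link); // throws on malformed input

  // Only wrap HTTPS links to our own instance, so a link generator fed
  // untrusted input cannot be used to wrap a foreign destination.
  if (url.protocol !== "https:" || url.host !== instanceHost) {
    throw new Error("refusing to wrap a link outside " + instanceHost);
  }

  // Already in the nav_to.do form: leave it alone rather than double-wrapping.
  if (url.pathname === "/nav_to.do") {
    return url.href;
  }

  // The uri parameter carries the instance-relative target (no leading slash),
  // percent-encoded as a whole so its own ? & = do not leak into the outer query.
  const target = url.pathname.replace(/^\/+/, "") + url.search + url.hash;
  return "https://" + instanceHost + "/nav_to.do?uri=" + encodeURIComponent(target);
}

// Constructed sample input: the link from the post.
const sample =
  "https://instance.service-now.com/sp?id=ticket&table=incident" +
  "&sys_id=af1399c64774d51425e8e609736d43fb";
console.log(toDeepLink(sample));
```
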