Bypass SSO for VRM Vendor Portal

Shawn Puckett
Giga Contributor

We have client that decided to use SSO for their SN access which most people considers best practice. Then the client purchased Vendor Risk Management and based on the SN defined standard VRM vendor user management workflow* and the large number of vendors decided to use SN internal user management and auth for Vendor user accounts.

So for this to work we need to bypass SSO on the Vendor Portal login but everything we have tried has failed. Has anyone been able to find a solution for this? i.e. you go to https://clientname.service-now.com/vdp
 
*SN’s standard workflow for VRM around vendor user management focuses on the fact that once you setup a primary contact with a vendor then the vendor can largely self-manage their users for adding users, assign task to users or removing access for their own Vendor assessments.

1 ACCEPTED SOLUTION

Shawn Puckett
Giga Contributor

This is our fix:

 

  1. Go to sys_public.list
  2. Validate that $sp Active is set to True
  3. Go to Service Portal > Widgets
  4. Clone the Login widget to something like VDP Login (id – vdp-login)
  5. Open VDP Login widget and edit the Server Script
    • Comment out this line:

var bypass_sso = options.bypass_sso == "true";

    • Add this line below the commented line:

var bypass_sso = true;

  1. Go to Service Portal > Pages
  2. Open vdp_login
  3. Then under related links pick “Open in Designer”
  4. Then delete the current Login Widget and replace with new VPD Login widget
  5. Launch the VDP Portal login to test, i.e. https://NAME.service-now.com/vdp

View solution in original post

15 REPLIES 15

There is also a "public" checkbox on the page you can use. But then the login widget should work. You might need to customize the login widget so it doesn't auto-redirect thou. But that should be fairly easy in the client controller.

 

//Göran

Shawn Puckett
Giga Contributor

This is our fix:

 

  1. Go to sys_public.list
  2. Validate that $sp Active is set to True
  3. Go to Service Portal > Widgets
  4. Clone the Login widget to something like VDP Login (id – vdp-login)
  5. Open VDP Login widget and edit the Server Script
    • Comment out this line:

var bypass_sso = options.bypass_sso == "true";

    • Add this line below the commented line:

var bypass_sso = true;

  1. Go to Service Portal > Pages
  2. Open vdp_login
  3. Then under related links pick “Open in Designer”
  4. Then delete the current Login Widget and replace with new VPD Login widget
  5. Launch the VDP Portal login to test, i.e. https://NAME.service-now.com/vdp

Instead of cloning the widget, why not just set the following into the widget instance options?

{

   "bypass_sso":"true"

}

 

?

This is the easiest solution. Here's a direct link to the widget instance. If you try to load the page in page designer the redirect happens and drives you insane :). 

https://[YOUR INSTANCE]/nav_to.do?uri=%2Fsp_instance.do%3Fsys_id%3D31e15d53eb6811e98758251694724243%...

find_real_file.png

 

This is exactly what I was looking for to address the SSO default for the Vendor Contact insert notification to the 'SVDP' version of the Vendor Assessment Portal that came in with the latest New York patch. Thank you, Shane!