Bypass SSO for VRM Vendor Portal

Shawn Puckett
Giga Contributor

We have client that decided to use SSO for their SN access which most people considers best practice. Then the client purchased Vendor Risk Management and based on the SN defined standard VRM vendor user management workflow* and the large number of vendors decided to use SN internal user management and auth for Vendor user accounts.

So for this to work we need to bypass SSO on the Vendor Portal login but everything we have tried has failed. Has anyone been able to find a solution for this? i.e. you go to https://clientname.service-now.com/vdp
 
*SN’s standard workflow for VRM around vendor user management focuses on the fact that once you setup a primary contact with a vendor then the vendor can largely self-manage their users for adding users, assign task to users or removing access for their own Vendor assessments.

1 ACCEPTED SOLUTION

Shawn Puckett
Giga Contributor

This is our fix:

 

  1. Go to sys_public.list
  2. Validate that $sp Active is set to True
  3. Go to Service Portal > Widgets
  4. Clone the Login widget to something like VDP Login (id – vdp-login)
  5. Open VDP Login widget and edit the Server Script
    • Comment out this line:

var bypass_sso = options.bypass_sso == "true";

    • Add this line below the commented line:

var bypass_sso = true;

  1. Go to Service Portal > Pages
  2. Open vdp_login
  3. Then under related links pick “Open in Designer”
  4. Then delete the current Login Widget and replace with new VPD Login widget
  5. Launch the VDP Portal login to test, i.e. https://NAME.service-now.com/vdp

View solution in original post

15 REPLIES 15

Hi Chris,

 

Sorry for opening a old thread, were able to make it work svdp portal.

 

While trying the config mentioned above, vendor portal is going to login page, however other portals(e.g. esc) its not going to login page and displays the contains without login.

 

Regards

Lalit 

I would like to recommend simillar approach as for other cases instead of modifying code directly inside the widget.

For details please see following article

https://www.servicenow.com/community/csm-articles/bypassing-sso-in-the-customer-service-portal/ta-p/...

 

With the proposed solution the option.bypass_sso is commented out instead of adding the option with "true" value into the additional parameter values.

The soltution of update code will finally not work as such.

 

For bypassing the SSO when user has already generated password - yes.

But take into the consideration that vendor contact password need to be generated. The process is checking this VDP/SVDP portal page options.

If there is no option bypass_sso present the vendor contact is not updated with password and instead vendor_core.register_contact_sso event is fired.

So then the process is again broken.

 

This was a great fix for us, thank you. SVDP in Washington DC.

karuna8
Tera Contributor

Is it possible to bypass SSO without making $SP=True for vendor portal?

 

When we making $SP=true, its adding entries in sp_log table as Guest user for each service portal transaction even when user has not authenticated the page. Also, we have to make all other pages like kb_article, kb_category, survey etc  non-Public when making $SP =True otherwise it just bypasses SSO for all other pages which are marked public.

JusCuz
Tera Guru

I had this same issue in the Customer Service Portal. It turns out the widget in customer service already has an option for bypassing sso, I would check to see if this already exists in the vendor portal as well. I detailed my find here: How to bypass SSO in Customer Service Portal

This was able to be done without customizing any widgets.