Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

Configuring SSO

tiagomacul
Giga Sage

on ‎07-23-2019 10:11 AM

 Configuring SSO

 

ImageDescription
find_real_file.png

01. Acess Guided Setup

https://<instance>.service-now.com/nav_to.do?uri=%2Fhome.do%3F

 

find_real_file.png02. ITSM Guided Setup
find_real_file.png03. Click Get Started
find_real_file.png04. 
find_real_file.png05. Click Activate/Repair
find_real_file.png06. Click Activate
 find_real_file.png 07. Close &  Reload Form
 find_real_file.png 08. Click Add New IdP
 find_real_file.png

 09.  Type your informations

 

Example

www.<website>.com.br/FederationMetadata/2007-06/FederationMetadata.xml

find_real_file.png10. Click Fetch
find_real_file.png11. Click Save
find_real_file.png12. Click Generate metada
 find_real_file.png

13. On the NameID Policy 

urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified

 find_real_file.png

14. Click

>> Mult-Provider SSO > Properties

 find_real_file.png

15. Select 

Enable multiple provider SS

Enable debug logging for the multiple provider SSO integration

 

The field on the user table that identifies a user accessing the "User identification" login page. By default, it uses the 'user_name' field.

 find_real_file.png

16. >>AD FS > Trust Relationships > Relaying Party Trust >Add Relaying Party Trust

 find_real_file.png

17. Click Start

 find_real_file.png

18. Import data about the Relaying party from a file

 

Browse

 find_real_file.png

19. Type Display name, click Next

 find_real_file.png

20. Select

I do not want to configure mult-facto authentication settings for this relaying party trust at this time

 

Click Next

 find_real_file.png

21. Click Permit all users to access this Relaying Party and click Next

 find_real_file.png

22. Click Close

 find_real_file.png

23. An example about Claim Rule

 

E-mail Address

 find_real_file.png

24. Click OK

find_real_file.png

25. Click Test Connection

find_real_file.png 26. Login
find_real_file.png27. Set Default
find_real_file.png28. Set Auto Redirect Idp
 29.

 

Metadata Sample.xml, step 13.

<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://<instance>.service-now.com">
 	<SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
		<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://<instance>.service-now.com/navpage.do"/>
		<NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
		<AssertionConsumerService isDefault="true" index="0" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://<instance>.service-now.com/navpage.do" />
		<AssertionConsumerService isDefault="false" index="1" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://<instance>.service-now.com/consumer.do" />
	</SPSSODescriptor>
</EntityDescriptor>

 

Author:

Tiago Macul

Paulo Cesar dos Santos Filho

Haddan de Queiroz Rocha

 

find_real_file.png

 

Know-More-Now-Logo.jpg

Summary

 Configuring ADFS Claim rules

 

 

 

 

Preview file
2 KB
Preview file
21 KB
Preview file
25 KB
Preview file
3 KB
Preview file
2 KB
Preview file
41 KB
Preview file
38 KB
Preview file
5 KB
Preview file
6 KB
Preview file
49 KB
Preview file
44 KB
Preview file
5 KB
Preview file
33 KB
Preview file
36 KB
Preview file
14 KB
Preview file
46 KB
Preview file
11 KB
Preview file
3 KB
Preview file
5 KB
Preview file
2 KB
Preview file
39 KB
Preview file
23 KB
Preview file
33 KB
Preview file
38 KB
Preview file
4 KB
Preview file
27 KB
Preview file
5 KB
Preview file
18 KB
Preview file
24 KB
Preview file
42 KB
  • 2,205 Views
Comments
User674366
Tera Explorer
‎08-02-2019 03:49 PM

Thanks for sharing this.

0 Helpfuls
Version history
Last update:
‎07-23-2019 10:11 AM
Updated by: