Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

Change the Welcome Page Login for ITIL users

Joe Taylor
Giga Guru

‎04-14-2022 01:20 PM

I just implemented SSO authentication.

Now when my itil users (agents) open the welcome page, they are presented wtih this screen:

Local Login URL:   https://xxxxxx.service-now.com/login_locate_sso.do#

find_real_file.png

 

I want them to use the "External Login" method of authenticaion as the default.

External Login URL: https://xxxxxxx.service-now.com/login_locate_sso.do

find_real_file.png

 

How do I swap these around so the external login screen is the default?

 

Labels:
Preview file
27 KB
Preview file
27 KB
  • 1,848 Views
7 REPLIES 7

Vivi Brasil
Mega Sage

‎04-14-2022 03:25 PM

Hello Joe Taylor,

Do you have two or more Identity Providers in the SSO?

I am asking it, because if you have only one IDP and that IDP could be used to authenticate all the users (Agent Users, ESS Users...), you could set the Auto-Redirect in the IDP, so, the ServiceNow Welcome Page will not appear to them, when the users access the URL https://instance_name.service-now.com, they will be automatic redirected to their SSO page (e.g.: MS Azure AD, MS ADFS, OKTA...).

Only if there are users which need to authenticate in other IDP, or locally, would need to access the side_door.do page (https://instance_name.service-now.com/side_door.do or https://instance_name.service-now.com/login.do).

Thank you!

Joe Taylor
Giga Guru

‎04-15-2022 06:23 AM

Thanks Vivi.  I actually do need both login methods.  I want my internal employees to use SSO with their email as a the user id.  I also have external vendors that will need to use the local login "name" for user id.

So everything is working just fine right now, I just want to swap the default login window so that "External Login" window comes up as the default.

 

Vivi Brasil
Mega Sage
In response to Joe Taylor

‎04-15-2022 12:02 PM

You are welcome Joe, and thank you for explaining the scenario.

I haven't applied it, but there is a KB Article that I hope could help you:

My concern is if those changes will replace the Auto Redirect IDP for your internal employees as well (if you could try it on a sub-production instance, to validate the behavior).

Thank you!

Joe Taylor
Giga Guru

‎04-15-2022 01:43 PM

Oh thank you for this Vivi.  I'm so close now.

So here is what I did BEFORE and AFTER my changes.

 

 

BEFORE CHANGES


In system properties, I have:
Entry: glide.entry.page.script
Value: new CMSEntryPage().getEntryPage()


This is the script include for CMSEntry page

var CMSEntryPage = Class.create();

CMSEntryPage.prototype = {
initialize : function() {
},

getEntryPage : function() {
var config = GlideContentConfig.get();
if (!config.getLoginPage())
return null;

return new GlideCMSPageLink().getPageLink(config.getLoginPage());
}
}

Default Screen

find_real_file.png


AFTER CHANGES


In system properties, now I have:
Entry: glide.entry.page.script
Value: new PreLoginScript().redirectToLoginLocateSSO();

This is the script include for PreLoginScript

var PreLoginScript = Class.create();
PreLoginScript.prototype = {
initialize: function() {
},

redirectToLoginLocateSSO: function() {
return "/login_locate_sso.do";
},

type: 'PreLoginScript'
};

 

Default Screen

find_real_file.png

 

So my last question is how do I make my default screen use the login_locate_sso.do script and still have the 
"Forgot Login Crentials" widget?  (Like in the BEFORE screeenshot). 

Preview file
25 KB
Preview file
8 KB
0 Helpfuls