Deep linking for SAML with multiple provider plugin?

dickhirsch
Giga Guru

I'm trying to figure out how to get SAML deep links to work in a shared instance (Fuji) where the multiple provider plugin is active.

Scenario

An instance has three multiple providers configured. Users should receive an email with links to content in ServiceNow. The user, however, must first log in with their IdP / multiple provider before accessing the content link.

Something like this: https://myinstance.service-now.com/login_with_sso.do?glide_sso_id=49add5fe0f8cca009850ecdhhhgdt&nav_...

Usually, the target link would be placed in the RelayState parameter and would be called after a successful external login. The problem is that the script "global.SAML2_update1" prevents deep links when the URL includes "login_with_sso":

if (!requestURI || requestURI.equals("") || requestURI.equals("/") || requestURI.indexOf("login_with_sso") >= 0) {
    // No deep linking
    this.logDebug("No Deep Linking for this SAML request");
    relayState = this.serviceUrl;

My assumption is that this restriction is to prevent endless loops.

Can anyone provide advice to deal with this problem?

Thanks,

Richard
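The check quoted in the question can be modelled outside the platform to show exactly which links lose their deep link. This is an added example in plain Node.js, not part of the original post and not ServiceNow code; it also sketches a hypothetical variant that applies the loop guard to the deep-link target instead of to the carrying URI. The parameter name "target", the service URL and all sample links are constructed assumptions (the real parameter is truncated in the post).

```javascript
// Standalone model of the RelayState decision (not ServiceNow code).
const SERVICE_URL = "https://myinstance.service-now.com/navpage.do"; // constructed value

// Same condition as the quoted SAML2_update1 excerpt.
function quotedRelayState(requestURI, serviceUrl) {
  if (!requestURI || requestURI === "" || requestURI === "/" ||
      requestURI.indexOf("login_with_sso") >= 0) {
    return serviceUrl; // "No Deep Linking for this SAML request"
  }
  return requestURI;
}

// Hypothetical variant: judge the deep-link target, not the URI that carried it.
// "target" is an assumed parameter name, not taken from the page.
function targetRelayState(requestURI, serviceUrl) {
  const base = new URL(serviceUrl);
  const target = new URL(requestURI, base).searchParams.get("target");
  if (!target || target === "/") return serviceUrl;
  // Accept instance-relative paths only; absolute URLs fall back.
  if (!target.startsWith("/")) return serviceUrl;
  const resolved = new URL(target, base);
  // Protocol-relative or backslash tricks resolve to another origin: fall back.
  if (resolved.origin !== base.origin) return serviceUrl;
  const path = resolved.pathname + resolved.search;
  // Keep the loop guard, applied to the target itself.
  if (path.indexOf("login_with_sso") >= 0) return serviceUrl;
  return path;
}

// Constructed sample links (SSO_ID_PLACEHOLDER stands in for a real glide_sso_id).
const SSO = "/login_with_sso.do?glide_sso_id=SSO_ID_PLACEHOLDER&target=";
const SAMPLES = [
  "/incident.do?sys_id=abc",
  SSO + encodeURIComponent("/incident.do?sys_id=abc"),
  SSO + encodeURIComponent("/login_with_sso.do?glide_sso_id=SSO_ID_PLACEHOLDER"),
  SSO + encodeURIComponent("//other.example/x"),
  SSO + encodeURIComponent("https://other.example/"),
];

for (const uri of SAMPLES) {
  console.log(uri);
  console.log("  quoted check :", quotedRelayState(uri, SERVICE_URL));
  console.log("  target check :", targetRelayState(uri, SERVICE_URL));
}
```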

6 REPLIES

davidliu
Kilo Explorer

Hi there,

Did you ever get around this issue? We are currently facing the same problem and are looking for any workarounds/solutions.

Thanks,
David


Hi,

Did you manage to figure out a solution for this issue? I am facing the same situation and have just posted a question in the community.

Many thanks, Jon


Hi Jon,

Unfortunately not - we were told that there may be a fix targeted for the Istanbul release.


Hi David,

Thanks for responding. I have a thread open, https://community.servicenow.com/thread/247648; it may be of use to you.

Thanks, Jon