Login Report (SSO / SNow)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-16-2017 07:43 AM
Does anybody know how I can produce a report on who is logging into ServiceNow using a standard username and password, and those who are logging in via Okta SSO?
Thank you.
- Labels:
-
Incident Management
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-16-2017 07:54 AM
Hi John,
You can check under System Policy -> Event Log and search for name = 'login'. This will give you a report on all logins that have happened in your instance. Parm 1 column in the table will give you the user Id. I do not think you can differentiate it with SSO and standard logins.
Replace instance_name with your instance
Thanks
Please Hit like, Helpful or Correct depending on the impact of the response
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-16-2017 07:58 AM
Thank you. However we are using Service Now Express so under System Policy there is no Event Log option. Is there another way?
When I use the link provided and changed the 'instance_name' to ours, I receive an error 'Security constraints prevent access to requested page' which is odd as I am an administrator.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-16-2017 08:05 AM
That's was bad! This was one place at where login was logged, You can also check sysevent.list if it works?
Another place is the last login time on user table but this don't give you an history of logins.
https://instance_name.service-now.com/sys_user_list.do?sysparm_query=last_login_timeISNOTEMPTY
You can get to know when a user was logged in last.
Thanks
Please Hit like, Helpful or Correct depending on the impact of the response
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-16-2017 09:08 AM
John, what are you trying to achieve with this report? Are you trying for force users to Okta? If so as mentioned in this article you can update everyone's local password to something random so they cannot login locally: