Login Report (SSO / SNow)

johnpeckcvc · ‎03-16-2017

Does anybody know how I can produce a report on who is logging into ServiceNow using a standard username and password, and those who are logging in via Okta SSO?

Thank you.

Alikutty A · ‎03-16-2017

Hi John,

You can check under System Policy -> Event Log and search for name = 'login'. This will give you a report on all logins that have happened in your instance. Parm 1 column in the table will give you the user Id. I do not think you can differentiate it with SSO and standard logins.

https://instance_name.service-now.com/sysevent_list.do?sysparm_query=sys_created_onONToday%40javascr...

Replace instance_name with your instance

Thanks

Please Hit like, Helpful or Correct depending on the impact of the response

johnpeckcvc · ‎03-16-2017

Thank you. However we are using Service Now Express so under System Policy there is no Event Log option. Is there another way?

When I use the link provided and changed the 'instance_name' to ours, I receive an error 'Security constraints prevent access to requested page' which is odd as I am an administrator.

Alikutty A · ‎03-16-2017

That's was bad! This was one place at where login was logged, You can also check sysevent.list if it works?

Another place is the last login time on user table but this don't give you an history of logins.

https://instance_name.service-now.com/sys_user_list.do?sysparm_query=last_login_timeISNOTEMPTY

You can get to know when a user was logged in last.

Thanks

Please Hit like, Helpful or Correct depending on the impact of the response

Michael Ritchie · ‎03-16-2017

John, what are you trying to achieve with this report? Are you trying for force users to Okta? If so as mentioned in this article you can update everyone's local password to something random so they cannot login locally:

http://wiki.servicenow.com/index.php?title=External_Authentication_(Single_Sign-On_-_SSO)#Restrictin...