We have Dual Idp configured for SSO in ServiceNow and a custom public Idp selection page (dropdown) that users hit before authenticating.
Issue: When users click a deep link from an email notification (record link that includes nav_to.do/nav_to/sys_id), they are forced through the Idp selection page + SSO, but after login they land on the homepage instead of the original target record.
What works: If a user opens the same record URL from within the platform (already authenticated), it loads correctly. If a user pastes the "backend" record URL after login, it loads correctly.
What fails: Clicking the email notification deep link before login triggers:
1. Redirect to Idp selection page
2. Choose Idp
3. Authenticate
4. Post-login redirect lands on homepage (or the portal homepage), not the deep link record.
What is the recommended approach to preserve the original deep link across: anonymous -> IdP selection -> SSO -> authenticated session
Is there a supported way to carry nav_to/uri through the Dual Idp selection step?
Any guidance, best practice pattern or example implementation would be appreciated.
