What is Audience URI (SP Entity ID) in Okta AD + ServiceNow integration

Karthick PS
Tera Contributor

‎08-04-2022 01:56 AM

When integrating Okta with Servicenow, Okta is asking Audience URI (SP Entity ID)?

Any guidance what it is?

Is this Entity ID of servicenow? Please refer the attached image for more details

Preview file
103 KB
0 Helpfuls
  • 7,072 Views
3 REPLIES 3

Community Alums
Not applicable

‎08-04-2022 02:22 AM

Hi @Karthick PS ,

Set the instance-specific URLs so the IdP can authenticate users.

Procedure

  1. In the property The URL to the Service-now instance (usually this instance), enter the URL (including login page) of the instance for which the IdP authenticates. For example: https://yourinstance.service-now.com/navpage.do
  2. In the property The entity identification, or the issuer, enter the base URL (excluding login page) of the instance for which the IdP authenticates. For example: https://yourinstance.service-now.com/

The Audience system property allows your instance to verify that it is the intended recipient of a SAML response.

The integration verifies that each SAML response contains the same URL listed in this system property as the URL listed in the Audience element. For example: 
<samlp:Responsexmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"  ID="s2cdc74f37f923e26fe1aeec42b70a93d24230334f"  InResponseTo="90AA6073F01567BFB0DF194F596314E2"  Version="2.0"  IssueInstant="2010-04-29T23:21:51Z"  Destination="https://dloomac.service-now.com/navpage.do">
...
<saml:Conditions NotBefore="2012-01-30T19:57:10Z"  NotOnOrAfter="2012-01-30T20:17:10Z"><saml:AudienceRestriction><saml:Audience>https://demoi2.service-now.com</saml:Audience></saml:AudienceRestriction></saml:Conditions>
...
</samlp:Response>

Procedure

  1. Navigate to All > SAML 2 Single Sign-on > Properties.
  2. In the property The audience uri that accepts SAML2 token. (Normally, it is your instance URI. For example: https://<instance name>.service-now.com.), enter the URL of your instance. For example, https://demoi2.service-now.com. This URL must match the value of the Audience element in the SAML Response.
  3. Click Update.

Mark my answer correct & Helpful, if Applicable.

Thanks,

Sandeep

 

0 Helpfuls

Karthick PS
Tera Contributor
In response to Community Alums

‎08-04-2022 02:54 AM

Thanks @Sandeep Dutta for the instant reply.

You mean to say that the 

Audience URI (SP Entity ID) is https://********.service-now.com/  without the navpage.do??

Please do correct my understanding.

Also, I am not seeing this navigation All > SAML 2 Single Sign-on > Properties

Is this on ServiceNow or at Okta?

Kindly advise.

 

 

0 Helpfuls

Karthick PS
Tera Contributor
In response to Karthick PS

‎08-04-2022 05:19 AM

Could someone please assist here at the earliest?

0 Helpfuls