Automatically direct users to specific SSO authentication when attempting to access specific portal.

Ed41
Mega Guru

We recently started the process of bringing users from one of our subsidiary companies into our instance, and I'm working through setting up SSO for these users.  The IDP config is set up and working, but what I'd like to do is eliminate the step of clicking the "external login" link when users browse to the service portal.  I understand that auto redirect to IDP achieves this, but this prohibits us from using multi-sso as it automatically redirects the users from the subsidiary to the wrong IDP.  I was wondering if there was a way, specifically with service portals, to incorporate some kind of code into the defined portal login page that would redirect to /login_with_sso.do?glide_sso_id=<sys_id of the sso configuration>.  The 2 companies will be using completely separate service portals and always use their own SSO configs, so I can say with 100% certainty that there is no crossover between them.

 

For example:

User 1 Browses to service portal 1.  Service portal 1 redirects to /login_with_sso.do?glide_sso_id=<sys_id_of_SSO1>

User 2 Browses to service portal 2.  Service portal 2 redirects to /login_with_sso.do?glide_sso_id=<sys_id_of_SSO2>

 

Does anyone know of a way to accomplish this?

1 ACCEPTED SOLUTION

Ed41
Mega Guru

I was able to find the solution to this.  This KB article provided all the details needed!
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0784347

2 REPLIES

Jon G1
Kilo Sage

Thanks for coming back and posting the solution, that helped me a ton!  I was about to go down that path when I saw some code referencing custom URLs in the server script. A little research led me to a plugin I wasn't previously aware of. If you're able to set up subdomains in DNS, this might be a very good OOB solution:

 

Custom URL with Identity Provider

 

I'm going to test this out at some point in the next few days, but if it works the way I think it will from the documentation, it'll do (almost) exactly what we want.  The main difference being that it would redirect based on the subdomain instead of the URL path, which in some cases may be even better for end users as it is easier to remember.

 

To borrow your example cases, if I'm understanding right the solution would look like this:

Start with 2 portals and 2 IDPs. Create DNS subdomains for those portals and ServiceNow Custom URL records for each to link everything up.

  • portal1.mycompany.com > Custom URL which directs the user to Portal 1 and authenticates via SSO1 (as defined in the custom URL rule.)
  • portal2.mycompany.com > Directs user to Portal 2 and authenticates with SSO2
  • ... and so on

 

This would mean that we don't need to clone a new login page and login widget every time we wanted to do this, and wouldn't have to hard-code a sys_id as the KB article suggests.
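
The per-portal routing discussed in this thread, as an added example that is not code from the posts, the linked KB article, or ServiceNow: a helper that picks the `/login_with_sso.do?glide_sso_id=...` target from a fixed allow-list, keyed by portal URL suffix (the original question) or by subdomain (the Custom URL idea). The portal suffixes, the `instance.example.com` host and the sys_id values are constructed placeholders, and running it from the portal's login page script is an assumption.

```javascript
// Added example. Portal suffixes, hostnames and sys_ids are constructed placeholders.
const SYS_ID = /^[0-9a-f]{32}$/; // ServiceNow sys_ids are 32 hex characters

// Maps (not plain objects) so keys such as "__proto__" or "constructor" never match.
const SSO_BY_PATH = new Map([
  ['portal1', '11111111111111111111111111111111'], // <sys_id_of_SSO1>
  ['portal2', '22222222222222222222222222222222'], // <sys_id_of_SSO2>
]);
const SSO_BY_HOST = new Map([
  ['portal1.mycompany.com', '11111111111111111111111111111111'],
  ['portal2.mycompany.com', '22222222222222222222222222222222'],
]);

// Returns the same-origin SSO login path for the portal being visited, or null
// when no redirect should happen (unknown portal, bad config, already on the SSO page).
function ssoLoginPath(href) {
  let url;
  try {
    url = new URL(href);
  } catch (e) {
    return null; // not an absolute URL: leave the normal login page in place
  }

  const segment = (url.pathname.split('/').filter(Boolean)[0] || '').toLowerCase();
  if (segment === 'login_with_sso.do') return null; // avoid a redirect loop

  // The IdP comes only from the fixed maps, never from a query parameter,
  // so a crafted link cannot steer a user to another IdP or to another site.
  const sysId = SSO_BY_HOST.get(url.hostname) || SSO_BY_PATH.get(segment);
  if (!sysId || !SYS_ID.test(sysId)) return null;

  // Relative path only: the browser stays on the instance's own origin.
  return '/login_with_sso.do?glide_sso_id=' + encodeURIComponent(sysId);
}

// Browser wiring (assumed to run from the portal's login page script).
if (typeof window !== 'undefined') {
  const target = ssoLoginPath(window.location.href);
  if (target) window.location.replace(target);
}
```

Unknown portals fall through to the standard login page, so a mistyped suffix never sends a user to the wrong IdP.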