Best and common Approach for SSO and Authentication for User data load in ServiceNow

Navnit1
Tera Expert

Hi Folks,

This is for the new platform setup for foundation data.

There are multiple User repository sources (in discussion to combine both but finalized)

On premise: REP 1 [AD]

On Cloud: REP 2 [for example Azure AD]

  • What would be the recommended and common approach to be proposed for 'Authentication'?
  • What would be the recommended and common approach to be proposed for 'SSO'?
  • Would SAML suffice for both SSO and Authentication and bring the data into ServiceNow? Or would LDAP be required separately for user data import with SAML?

Please provide your suggestions

 

Regards, NT

Gunjan Kiratkar
Kilo Patron

Hi @Navnit1

The recommended and common approach for authentication for a foundation data platform would be to use a centralized identity management system, such as Active Directory (AD) or Azure Active Directory (AAD), to authenticate users against a single repository of user information. This allows for consistent and secure authentication across the platform.

For Single Sign-On (SSO), the recommended approach would be to use a protocol such as SAML (Security Assertion Markup Language) to allow users to authenticate once and then access multiple systems without having to log in again. SAML is an open standard that allows for secure exchange of authentication and authorization data between systems.

SAML can be used for both SSO and authentication and can be used to bring data into ServiceNow. However, it depends on the specific requirements of the platform. If you need to import user data from an external source, such as an LDAP directory, you may need to use additional tools or integrations to import that data into ServiceNow and link it to the SAML-authenticated users.


Please Mark My Response as Correct/Helpful based on Impact
Regards,
Gunjan Kiratkar
2X ServiceNow MVP
Community Rising Star 2022
Youtube : ServiceNow Guy

Hello Gunjan, thanks for your reply.

It means, let's say we have a 'centralized identity management system' either on premise and on cloud; in both scenarios, SAML will be recommended, as it can bring the data to ServiceNow on schedule, gives SSO capability and authenticates?

And there is no need to consider LDAP integration.

In the ITSM Guided Setup, could we skip the LDAP step and jump to SSO SAML for data import, SSO service and authentication? In what case does the LDAP step become the best solution?

As I read somewhere:

  • that SAML is only for Cloud AD, and LDAP is usually used for on-premise AD.
  • LDAP is to authenticate and bring the data, whereas the SSO SAML option is for "not to re-authenticate yourself once you log into an Environment only"

Any insight will help.

Thanks NT