Best and common Approach for SSO and Authentication for User data load in ServiceNow
01-15-2023 03:54 AM
Hi Folks,
This is for the new platform setup for foundation data.
There are multiple User repository sources (in discussion to combine both but finalized)
On premise: REP 1 [AD]
On cloud: REP 2 [for example Azure AD]
- What would be the recommended and common approach to be proposed for 'Authentication' ?
- What would be the recommended and common approach to be proposed for 'SSO' ?
- Would SAML suffice for both SSO and authentication and bring the data into ServiceNow? Or would LDAP be required separately for user data import, with SAML?
Please provide your suggestions.
Regards, NT
01-15-2023 04:10 AM
Hi @Navnit1
The recommended and common approach for authentication for a foundation data platform would be to use a centralized identity management system, such as Active Directory (AD) or Azure Active Directory (AAD), to authenticate users against a single repository of user information. This allows for consistent and secure authentication across the platform.
For Single Sign-On (SSO), the recommended approach would be to use a protocol such as SAML (Security Assertion Markup Language) to allow users to authenticate once and then access multiple systems without having to log in again. SAML is an open standard that allows for secure exchange of authentication and authorization data between systems.
SAML can be used for both SSO and authentication and can be used to bring data into ServiceNow. However, it depends on the specific requirements of the platform. If you need to import user data from an external source, such as an LDAP directory, you may need to use additional tools or integrations to import that data into ServiceNow and link it to the SAML-authenticated users.
Please Mark My Response as Correct/Helpful based on Impact
Regards,
Gunjan Kiratkar
2X ServiceNow MVP
Community Rising Star 2022
Youtube : ServiceNow Guy
01-15-2023 05:56 AM
Hello Gunjan, thanks for your reply.
It means, let's say we have a 'centralized identity management system' either on premise or on cloud; in both scenarios, SAML will be recommended, as it can bring the data to ServiceNow on a schedule, gives SSO capability and authenticates?
And there is no need to consider LDAP integration.
In the ITSM Guided Setup, could we skip the LDAP step and jump to SSO SAML for data import, SSO service and authentication? In what case does the LDAP step become the best solution?
As I read somewhere:
- that SAML is only for cloud AD, and LDAP is usually used for on-premise AD.
- LDAP is to authenticate and bring the data, whereas the SSO SAML option is only for "not to re-authenticate yourself once you log into an environment".
Any insight will help.
Thanks, NT
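An added example (not part of the thread, and not ServiceNow code) of the distinction the questions above turn on: a SAML assertion describes only the user who is logging in at that moment, while a scheduled directory import covers every entry, including accounts that have never logged in and accounts that were disabled. The assertion, the directory snapshot and all function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed assertion for one login (no real IdP; signature element omitted).
# A real service provider must verify the signature, audience and validity
# window with a maintained SAML library before trusting any of these values.
ASSERTION = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Version="2.0"
    ID="_constructed1" IssueInstant="2023-01-15T04:10:00Z">
  <saml:Issuer>https://idp.example.test/</saml:Issuer>
  <saml:Subject><saml:NameID>alice@example.test</saml:NameID></saml:Subject>
  <saml:AttributeStatement>
    <saml:Attribute Name="department">
      <saml:AttributeValue>Finance</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""

# Constructed directory snapshot, standing in for a scheduled LDAP import.
DIRECTORY = [
    {"user_name": "alice@example.test", "department": "Finance", "active": True},
    {"user_name": "bob@example.test", "department": "IT", "active": True},
    {"user_name": "carol@example.test", "department": "HR", "active": False},
]

def user_from_assertion(xml_text):
    """Return the single user record that one SAML assertion describes."""
    root = ET.fromstring(xml_text)
    record = {"user_name": root.findtext("saml:Subject/saml:NameID", namespaces=NS)}
    for attr in root.iterfind("saml:AttributeStatement/saml:Attribute", NS):
        values = [v.text for v in attr.iterfind("saml:AttributeValue", NS)]
        record[attr.get("Name")] = values[0] if len(values) == 1 else values
    return record

def provision_on_login(user_table, xml_text):
    """Just-in-time provisioning: upsert only the user who just logged in."""
    rec = user_from_assertion(xml_text)
    user_table.setdefault(rec["user_name"], {"active": True}).update(rec)
    return user_table

def scheduled_import(user_table, directory):
    """Directory sync: upsert every entry, including deactivations."""
    for entry in directory:
        user_table.setdefault(entry["user_name"], {}).update(entry)
    return user_table
```

With login-time provisioning alone, a user table holds only people who have signed in, and a record created at an earlier login stays active after the directory disables the account until something else synchronizes it.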