Deep Link to KB article with SSO enabled

Sabrina10
Kilo Guru

‎06-08-2017 10:26 AM

After upgrading to Istanbul, when a user clicks on a link to a KB article and they are not logged, rather than get redirected to login and then the KB page, the user gets the message 'Knowledge record not found'.   This happens for all users.

The URL works fine when the user is already logged into SN.     I've tried various versions of the URL including:

https://<instance>.service-now.com/nav_to.do?uri=kb_view.do?sysparm_article=<article_number>

https://<instance>.service-now.com/nav_to.do?uri=kb_view.do?sys_id=<kbsysid>

Deep linking works fine when going to other ticket types, even when going to the kb_knowledge form, but just not the kb_view page (or kb_customer_view).

Any suggestions?

Thanks

Sabrina

  • 3,294 Views
7 REPLIES 7

kbean1
Tera Expert

‎10-12-2017 08:30 PM

We had the same issue and I submitted this to ServiceNow on HI.



Their resolution was to make the "$sp" Public Page inactive.   This makes it only available to authenticated users.   If a user is unauthenticated, they will be redirected to the correct SSO login page.


Public Pages.png



Cheers,


Ken


Preview file
29 KB

Katie A
Mega Guru
In response to kbean1

‎01-15-2019 01:32 PM

This is helpful. Do you happen to know of a solution for Public articles? In other words, the redirect should not occur if the article is marked as public.

0 Helpfuls

Charlotte Pakes
Tera Guru
In response to Katie A

‎01-16-2019 12:28 AM

Hi Katie,

You might find my answer to Sabrina helpful.

Kind regards,

Charlotte

Charlotte Pakes
Tera Guru

‎01-16-2019 12:27 AM

Hi Sabrina,

I'm aware this is quite old now, but there is a recent query from Katie A about this so I thought I would add our experience.

We have implemented what you describe on our Service Portal. Our Portal is a mix of Public and non-Public content, so making $sp inactive in Public Pages is not an option for us. I did this by looking at how Widgets like the OOTB Login one worked and using code from there. e.g:

Server Script:

data.default_idp = GlideProperties.get("glide.authenticate.sso.redirect.idp");

if (input && input.action === "set_sso_destination") {

gs.getSession().putProperty("login_redirect_url",'/sp?id=kb_article&sys_id=' + $sp.getParameter('sys_id'));

}

Client Controller:

	c.data.url = $window.location.href;
	
	if (!c.data.isvalid && $scope.user.name == 'Guest') {
		
		c.server.get({
			
			action: "set_sso_destination"
			
		}).then(function() {
			
			var url = "login_with_sso.do?glide_sso_id=" + c.data.default_idp;
			$window.location.href = url;
			
		});
	}

The isValidRecord and canRead checks on the GlideRecord in the Server Script mean that the redirect is only triggered for non-Public articles when the user is not logged in (is 'Guest' user). In addition, this means we can also present a different message to users who login but don't have permissions to view the article.

Hope this is helpful.

Kind regards,

Charlotte