The CreatorCon Call for Content is officially open! Get started here.

How can you force a certain SSO on a specific Sevice Portal

JC S_
Mega Guru

We are implementing multiple service portals and we need to force a specific SSO on each portal. So the end result would be when a user goes to portal A he will login using SSO A and when user goes to portal B he will login using SSO B.

Any ideas on how we can do this? We can see in service portal configuration that you can define a login page, but how can this be set to a specific SSO provider instead?

6 REPLIES 6

henry_cheng
ServiceNow Employee
ServiceNow Employee

Hi Jimboy,



Once you enabled Multiple-Provider SSO plugin system will add a link "Use external login" on the login page. So if you have multiple Identity Provider records configured when you click on the link to login it will display a list of IdPs for you to choose. System could not know which IdP you will use before you login so the choice needs to be made by yourself.



Alternatively you can use below URL to specify the sys_id of the IdP you will use to login.


/login_with_sso.do?glide_sso_id=<sys_id of the sso configuration>


This is documented in below wiki page.


Log in using Multi-SSO



Cheers


Henry


Hi Henry, we've already done that and know that you can directly access the SSO page using that URL method.



What we want to achieve is to make it very seamless for our users when logging in, that's why we want to force a specific SSO on a specific Service Portal. There should be no need to click external login because we already know that when you go to service portal A then the system should show SSO A.



Again, the end result would be when a user goes to portal A he will login using SSO A and when user goes to portal B he will login using SSO B.


We are thinking creating a new service portal page and set is as the login page for Service Portal A for example, then make a clone of the login widget and in the widget's code do the redirection to the specific SSO login page. Do you think this approach can work?


henry_cheng
ServiceNow Employee
ServiceNow Employee

Hi Jimboy,



AFAIK there is no OOB function can achieve this. The link [Use external login] is the default link for SSO login.


Your request could only be realized by customization. It seems the direction you mentioned is the correct one.


You can make new login widget for each login page of the Service Portal and inside the widget compulsorily redirect user to the specific IdP for authentication.


If you need any more help regarding the customization I recommend you contact ServiceNow Professional Service team.



Cheers


Henry