Multi Okta Idp configuration

Enrique Tabalon
Kilo Guru

Good day!

Has anybody here done this before on your instance?

Basically, we need to know how to configure an identity provider from 2 different Okta instances for 2 different IdPs.

Let's say you work for a government and you set up an Okta instance for your govt employees/contractors called "okta.govt.gov". Also, you are asked to set up another Okta instance for public citizens called "okta.public.gov" that will need to access a ServiceNow portal.

The application or tile on "okta.govt.gov" has the base URL of <instance_DEV@service-now.com> and is pointing to an IdP in ServiceNow which holds active=true, default=true and auto redirect=true.

The other Okta instance, "okta.public.gov", has its own application/tile which has the same base URL of <instance_DEV@service-now.com> and is pointing to an IdP in ServiceNow with active=true, default=false and auto redirect=false.

When the govt employee logs in to okta.govt.gov and clicks the tile, he/she gets a successful login.

When a public citizen logs in to okta.public.gov and clicks the tile, he/she then gets redirected to the login screen of the Okta instance "okta.govt.gov".

Is this configuration doable? I have a support case opened and haven't been assigned to a technical engineer. Hoping anyone here has done this before.

Appreciate your assistance.

Thank you!

Enrique

1 ACCEPTED SOLUTION

For the second part, the user SSO configuration may be what is needed.

5 REPLIES

Jeff Currier
ServiceNow Employee

Enrique,

In following the steps in this article, did you do steps 10-13 for both identity providers?

If not, I believe that is the next step.

If so, we may need to look at why it thinks those public users are internal. We need to ensure they are routed to the correct provider.

For the second part, the user SSO configuration may be what is needed.

Thanks for the update. We've completed steps 10-13 before. We were using multi ADFS auth before then switched to Okta.

Enrique

Archana30
Tera Contributor

Hello @Enrique Tabalon

Have you managed to implement the above requirement for your instance? We have a similar requirement & appreciate any guidance on this.

Thanks in advance