Very first thing to do is follow the steps to setup SSO with an Identity provider in ServiceNow:
https://docs.servicenow.com/bundle/washingtondc-platform-security/page/integrate/saml/concept/c_Iden...

Then, you would check the boxes Default and Auto Redirect IdP.

Came here looking for the answer, but didn't see it. I ended up figuring it out. This can be done with one line of code:

c.externalLoginMode = true;

Before you do anything, clone your login page and the login widget. Make sure the new login page is using your new widget. The easiest way to do that is to click the "instance" link for the widget under the Page Content section of the new login page. From the instance entry, flip over to the widget tab, and change the Widget to your newly cloned version.

Next, open up your cloned widget, go down to the client controller section, and add this at line 6. (don't replace, add a new line). Basically you want it to fall after the "var c = this" declaration but before the script gets to anything dealing with page rendering.

Here's how mine looks now:

function loginCtrl($scope, $http, $window, $location, glideUserSession, glideSystemProperties, spUtil) {

	var c = this;
	c.remember_me = c.data.forgetMe ? false : c.data.rememberMeDefault;
	c.data.url_suffix = $scope.portal ? $scope.portal.url_suffix : "";
	c.externalLoginMode = true;
	c.masked = true;

Now that you have your new page, go to your service portal config and change the login page entry to your new SSO-first login page. 

We're basically just doing the same thing that the "Use External Login" link does by manually setting it before anything loads.

Edit: Of course, after I figured this out on my own, I found another thread where someone came up with the same solution. Their answer might be easier to follow for some so feel free to take a look there too.