Two SSO options in same instance

Go to solution
Brent Cox
Giga Guru

‎11-17-2022 06:33 AM

Hello, 

 

We have a set up where the bulk of our licenses are currently using SSO through Microsoft. We've recently acquired roughly 200 users that are on a separate domain, so they can not use this same SSO. We also cannot use a direct LDAP connection to authenticate their password to login. The solution we are looking at is to use Okta for their SSO solution. Is it possible to set up our instance to use two separate SSOs? We need to make sure that the default SSO is set up for the majority of the users, but for these select 200 or so users, we need to have it so they do not reroute to the main SSO login, but can access the secondary SSO through Okta. 

0 Helpfuls
  • 1,788 Views
1 ACCEPTED SOLUTION

Go to solution
Mike_R
Kilo Patron
Kilo Patron
In response to Brent Cox

‎11-17-2022 08:17 AM

I see this in the docs

 

https://docs.servicenow.com/bundle/sandiego-platform-security/page/integrate/single-sign-on/task/t_C...

 

Configure users for Multi-Provider SSO

  •  

Administrators can configure Multi-Provider SSO for individual users or for all users who belong to a company. You cannot configure Multi-Provider SSO for groups.

Before you begin

Role required: admin

Procedure

  1. Navigate to All > Multi-Provider SSO > Identity Providers.
  2. Right-click an identity provider record and select Copy sys_id.
  3. Copy the data to your clipboard.
  4. Navigate to a user record or a company record.
  5. Configure the form and add the SSO Source field.
  6. In the SSO Source field, enter one of the following:
    • SAML users: enter sso: followed by the sys_id of the identity provider's record.
    • SSO Federation users: enter federation: followed by the sys_id of the federation record.
  7. Click Update.

Mike
* My Collection of ServiceNow Stuff *

View solution in original post

0 Helpfuls
3 REPLIES 3

Go to solution
Brent Cox
Giga Guru
In response to Mike_R

‎11-17-2022 07:57 AM

I was able to set up the Multi-Provider SSO on our DEV instance and it is working. I don't see where I can toggle which users get this versus a separate SSO set up. That would be my issue. Our existing SSO is currently only enabled in our prod environment too, so that makes it difficult to test. 

0 Helpfuls

Go to solution
Mike_R
Kilo Patron
Kilo Patron
In response to Brent Cox

‎11-17-2022 08:17 AM

I see this in the docs

 

https://docs.servicenow.com/bundle/sandiego-platform-security/page/integrate/single-sign-on/task/t_C...

 

Configure users for Multi-Provider SSO

  •  

Administrators can configure Multi-Provider SSO for individual users or for all users who belong to a company. You cannot configure Multi-Provider SSO for groups.

Before you begin

Role required: admin

Procedure

  1. Navigate to All > Multi-Provider SSO > Identity Providers.
  2. Right-click an identity provider record and select Copy sys_id.
  3. Copy the data to your clipboard.
  4. Navigate to a user record or a company record.
  5. Configure the form and add the SSO Source field.
  6. In the SSO Source field, enter one of the following:
    • SAML users: enter sso: followed by the sys_id of the identity provider's record.
    • SSO Federation users: enter federation: followed by the sys_id of the federation record.
  7. Click Update.

Mike
* My Collection of ServiceNow Stuff *

0 Helpfuls