To give you the most flexibility, ServiceNow supports several authentication options. This allows you to use several methods within your instance. Your instance supports “native” or local authentication (for example, when user credentials are stored in the instance) and OAuth 2.0 authentication (such as for external client authentication), as well as multi‑factor authentication mechanisms.

The ServiceNow SAML plugin supports SSO‑based authentication through a variety of SAML 2.0‑compliant identity providers. This include Active Directory Federation Services (ADFS) as well as third‑party identify providers, such as Ping, SecureAuth, SailPoint, Okta, or others that are compliant with the SAML 2.0 standard. If you have already implemented your own SAML‑compliant IDP or leverage a third‑party service, you can use the same capability for your ServiceNow instance.

LDAP authentication enables customers to use their own LDAP‑compliant directory services such as Active Directory. A directory needs to be accessible to the relevant ServiceNow instance, as often these are located behind a firewall or other perimeter control. As part of the LDAP integration, passwords are not stored or transferred back to your ServiceNow instance.

For additional information, please refer to