Configuring the digest properties for multi-provider single sign-on (SSO)
After enabling a digest installation exist script, configure properties for multi-provider SSO.
Before you begin
About this task
Procedure
- Navigate to All > Multi-Provider SSO > Identity Providers.
-
Fill in the fields of Digest Properties form.
Option Description Name Enter the name of the digest token. User Enter the sys_user field that contains the matching data for the incoming header. HTTP Digest header name Enter the HTTP header you generated. For example, DE_USER.HTTP header name Enter the HTTP header you generated for your created digested token. For example, SM_USER.Secret Passphrase Enter the secret key to use for encoding digest keys. For example, 32 or more characters.Failed SSO Redirect field Enter the URL to redirect users after a failed authentication. External logout redirect Enter the URL to redirect users after a logout. Single Sign-on Script Select MultiSSO_DigestedToken. Client Type Choose the client type, based on the type of your client. Options:Iframe Embedded. Note:If client type field is required for your configuration, you can edit the form and add the field. To know more, see Configure client type for OAuth and SSO records. - Click Update.
-
Set your Digested Token default to true.
When you set the default to true, this overwrites the system default digest token record associated to SSO. Once the first multi-provider SSO related IdP record activates, only records associated to multi-provider SSO will be used.
Digest token records which exist in digest properties table can be individually called by appending the Sys_ID of the IdP. For example, a digest token record in the following authentication URL: https://<instance_name>.service-now.com/login_with_sso.do?glide_sso_id=<sys_id_of_Digest_token_record>&SM_USER=<user_name>&DE_USER=<digested_token>