ServiceNow(Glide) configuration for IDP

  • Release version: Australia
  • Updated June 19, 2026
  • 1 minute to read
  • This process involves setting up the necessary tables and mappings within your ServiceNow instance. This includes configuring ServiceNow, creating the MCP server, and connecting the MCP client.

    Before you begin

    Role required: admin

    Procedure

    Configure the OIDC provider
    Note:
    Okta is used as the use case to guide you through the steps.

    Configure OIDC provider
    1. Navigate to the oidc_provider_configuration table and select New.
    2. Enter a Name for the OIDC provider.
      For example, Okta MCP Third Party.
    3. Set the Cache Configuration Lifespan.
      The maximum value is 720 hours.
    4. Enter the IDP metadata URL into the Metadata URL field.
    5. In the User Claim section, enter sub, and in the User Field, select email.
      This maps the sub claim from the IDP token to the email field in the sys_user table.
    6. Select Submit.
    Create the MCP server
    1. Navigate to the MCP server console and select Create Server.
    2. Enter a name for the server and add the required tools.
      For example, MCP with Third Party IDP.
      After you create the server, ServiceNow automatically generates an entry in the oauth_protected_resource table and populates it with the list of APIs allowed for that server.
    Map the protected resource to the IDP
    Map protected resource to the IDP
    1. Navigate to the oauth_protected_resource_idp_mapping table and select New.
    2. In the Protected Resource field, select the resource that was created for your MCP server.
      If your MCP server name is sn_mcp_server_default, the protected resource path is /sncapps/mcp-server/mcp/sn_mcp_server_default.
    3. In the OIDC Provider field, select the OIDC provider configuration you created earlier.
    4. Select Submit.

    Result

    Your MCP server is now configured to authenticate users through the third-party IDP. Users who connect an MCP client to this server are redirected to the related IDP to authenticate.

    What to do next

    1. Configure and set up the third-party IDP. This part involves setting up the application and authorization server within the third-party IDP setup. See https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB3095516 to read more. This document uses Okta as the use case, however, Microsoft Entra is also recommended.
    2. Integrate and test.