Configure Private Key JWT for OIDC based SSO

Australia Platform security

Release

australia

ft:locale

ko-KR

ft:publication_title

Australia Platform security

ft:clusterId

psec

bundleId

psec

workflow

Platform

Configure Private Key JWT for OIDC based SSO

릴리스 버전: Australia

업데이트 날짜 2026년 03월 12일

소요 시간: 2분

Configure Private Key JWT for OIDC based SSO integrations.

Role required: oauth_admin

You must perform the following tasks before choosing Private Key JWT for OIDC based SSO.

Upload Java Key Store certificate: Attach a JKS certificate to your instance to use to enable the JWT client authentication.
Configure a JWT signing key: Create a JWT signing key to assign to your Java KeyStore (JKS) certificate.
주:
If you want to add X.509 Certificate SHA-1 Thumbprint int (x5t) to the header as part of the JWT Key, you must configure the form and add the X.509 Certificate SHA-1 Thumbprint int (x5t) field.
Create a JWT provider with a JWT signing key: Add a JWT provider to your ServiceNow instance.

To include a JWT Key for OIDC based Identity Provider, you must:

Install the Integration - Multiple Provider Single Sign-On Installer (com.snc.integration.sso.multi.installer) plugin.
Enable the properties for Multiple Provider SSO Properties. For more information, see Multi-Provider SSO properties, tables, and scripts.
Create an OIDC Identity Provider. For more information, see Create an OpenID Connect (OIDC) configuration for Single Sign-On (SSO).

Navigate to All > System OAuth > Application Registry.
Select the OIDC Identity Provider that you had created.
On top of the form, select Configure > Form Design.

주:
You must add Send Credentials and JWT Provider fields to the form to use the Private Key JWT for OIDC based Identity Provider authentication requests.
Choose the As Private Key JWT for Send Credentials.
Select the JWT Provider.
When the user authenticates, the authentication page has options to login through Okta.