Set the audience URL for SAML

  • Rversion finale: Australia
  • Mis à jour 12 mars 2026
  • 1 minute de lecture

    • Enable your instance to verify that it is the intended recipient of a SAML response by using the Audience property.

    Avant de commencer

    Role required: sso_config_admin, business_rule_admin, script_include_admin

    Pourquoi et quand exécuter cette tâche

    The integration verifies that each SAML response contains the same URL listed in this system property as the URL listed in the Audience element. For example:
    <samlp:Responsexmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"  ID="s2cdc74f37f923e26fe1aeec42b70a93d24230334f"  InResponseTo="90AA6073F01567BFB0DF194F596314E2"  Version="2.0"  IssueInstant="2010-04-29T23:21:51Z"  Destination="https://dloomac.service-now.com/navpage.do">
...
<saml:Conditions NotBefore="2012-01-30T19:57:10Z"  NotOnOrAfter="2012-01-30T20:17:10Z"><saml:AudienceRestriction><saml:Audience>https://demoi2.service-now.com</saml:Audience></saml:AudienceRestriction></saml:Conditions>
...
</samlp:Response>

    Procédure

    1. Navigate to All > SAML 2 Single Sign-on > Properties.
    2. In the property The audience uri that accepts SAML2 token. (Normally, it is your instance URI. For example: https://<instance name>.service-now.com.), enter the URL of your instance.
      For example, https://demoi2.service-now.com. This URL must match the value of the Audience element in the SAML Response.
    3. Click Update.