Configure the digest properties for multi-provider single sign-on (SSO)

Release version: Australia

Updated March 12, 2026

1 minute to read

After enabling a digest installation exist script, configure properties for multi-provider SSO.

Before you begin

Role required: adaptive_auth_admin, user_admin, sso_config_admin

If you are not using multi-provider single sign-on, configure standard single sign-on properties.

Fill in the fields of Digest Properties form.

Option	Description
Name	Enter the name of the digest token.
User	Enter the sys_user field that contains the matching data for the incoming header.
HTTP Digest header name	Enter the HTTP header you generated. For example, `DE_USER`.
HTTP header name	Enter the HTTP header you generated for your created digested token. For example, `SM_USER`.
Secret Passphrase	Enter the secret key to use for encoding digest keys. For example, `32 or more characters`.
Failed SSO Redirect field	Enter the URL to redirect users after a failed authentication.
External logout redirect	Enter the URL to redirect users after a logout.
Single Sign-on Script	Select MultiSSO_DigestedToken.
Client Type	Choose the client type, based on the type of your client. Options:Iframe Embedded. Note: If client type field is required for your configuration, you can edit the form and add the field. To know more, see Configure client type for OAuth and SSO records.

Click Update.
Set your Digested Token default to true.
When you set the default to true, this overwrites the system default digest token record associated to SSO. Once the first multi-provider SSO related IdP record activates, only records associated to multi-provider SSO will be used.
Digest token records which exist in digest properties table can be individually called by appending the Sys_ID of the IdP. For example, a digest token record in the following authentication URL: https://<instance_name>.service-now.com/login_with_sso.do?glide_sso_id=<sys_id_of_Digest_token_record>&SM_USER=<user_name>&DE_USER=<digested_token>