Combined Authentication release notes for upgrades from Vancouver to Yokohama

How to use this page

To help you prepare for your upgrade, we have combined the cross-family Authentication release notes onto one page. Read this summary of the new features, changes, and updated information for your product from Vancouver to Yokohama.

Tip:

If there were no updates for a release notes section in a certain family release, we included a short note for your reference. For example, if a product did not have any updates in Tokyo, the row says "No updates for this release."

Important information for upgrading Authentication to Yokohama

Before you upgrade to Yokohama, review these pre- and post-upgrade tasks and complete the tasks as needed.


Release	Release notes
Vancouver	No updates for this release.
Washington DC	No updates for this release.
Xanadu	No updates for this release.
Yokohama	No updates for this release.

New features

Between your current release family and Yokohama, new features were introduced for Authentication.


Release	Release notes
Vancouver	No updates for this release.
Washington DC	No updates for this release.
Xanadu	No updates for this release.
Yokohama	Continuous Authentication Use Continuous Authentication to require step-up authentication or re-authentication to the users before allowing access to sensitive or high-privilege information. OAuth Grant Types for MID Server Use the Authorization code, resource owner password credential, SAML bearer, and JWT bearer OAuth grant types of OAuth for outbound integration requests through the MID Server. Personal Auth is also supported through the MID server. MID Servers facilitate communication and data movement between a single ServiceNow® instance and external applications, data sources, and services.

Changes

Between your current release family and Yokohama, some changes were made to existing Authentication features.


Release	Release notes
Vancouver	No updates for this release.
Washington DC	No updates for this release.
Xanadu	Multi-factor Authentication (MFA) Use the FIDO2 authenticator, passkeys, biometric authenticators, and hardware security keys as multi-factor authentication (MFA) factors without requiring an authenticator app setup.
Yokohama	Multi-factor authentication (MFA) enforcement MFA is mandated and is enforced to all the non-SSO login users accessing ServiceNow®.

Removed

Between your current release family and Yokohama, some Authentication features or functionality were removed.


Release	Release notes
Vancouver	No updates for this release.
Washington DC	No updates for this release.
Xanadu	No updates for this release.
Yokohama	No updates for this release.

Deprecations

Between your current release family and Yokohama, some Authentication features or functionality were deprecated.


Release	Release notes
Vancouver	No updates for this release.
Washington DC	No updates for this release.
Xanadu	The MultiSSO v1 plugin is deprecated. Upgrade to MutliSSO v2 from MultiSSO v1. For more information on how to upgrade to MultiSSO v2, refer to the knowledge article MultiSSO v2 upgrade instructions [KB9756504] in the Now Support Knowledge Base. The SAML 1.1 and SAML 1.1 Single Sign-On - Update 1 plugin is deprecated. The SAML-based identity providers (IdP) have already migrated to SAML 2.0. To use SAML 2.0, you must activate the MultiSSO v2 plugin and configure your identity provider. The OpenID SSO plugin is deprecated. To use OpenID Connect (OIDC), you must activate the MultiSSO v2 and configure your OIDC-based identity provider.
Yokohama	No updates for this release.

Activation information

Review information on how to activate Authentication.


Release	Release notes
Vancouver	No updates for this release.
Washington DC	No updates for this release.
Xanadu	Authentication is a ServiceNow AI Platform product that is active by default.
Yokohama	Authentication is a ServiceNow AI Platform product that is active by default.

Additional requirements

If any additional requirements were introduced or changed for Authentication we have noted them here.


Release	Release notes
Vancouver	No updates for this release.
Washington DC	No updates for this release.
Xanadu	No updates for this release.
Yokohama	No updates for this release.

Browser requirements

If any specific browser requirements were introduced or changed for Authentication we have noted them here.


Release	Release notes
Vancouver	No updates for this release.
Washington DC	No updates for this release.
Xanadu	No updates for this release.
Yokohama	No updates for this release.

Accessibility information

Review details on accessibility information for Authentication, such as specific requirements or compliance levels.


Release	Release notes
Vancouver	No updates for this release.
Washington DC	No updates for this release.
Xanadu	No updates for this release.
Yokohama	No updates for this release.

Localization information

If there are specific localization considerations for Authentication we have noted them here.


Release	Release notes
Vancouver	No updates for this release.
Washington DC	No updates for this release.
Xanadu	No updates for this release.
Yokohama	No updates for this release.

Highlight information

If there are specific highlight considerations for Authentication we have noted them here.


Release	Release notes
Vancouver	No updates for this release.
Washington DC	No updates for this release.
Xanadu	Use the FIDO2 authenticator, passkeys, biometric authenticators, and hardware security keys as multi-factor authentication (MFA) factors without requiring an authenticator app setup. See Authentication for more information.
Yokohama	Yokohama Patch 11 Authentication factors for AI voice service Enable caller access to AI voice agents by configuring the required identification and authentication factors. OAuth enhancements Following are the OAuth enhancements: Use Opaque or JWT token option for your inbound integration endpoints. Use the Allow access only to APIs in selected scope option to enable access to the APIs that are explicitly listed in the selected scopes for your inbound integrations. Use the OAuth Entity Resource tab for outbound integrations to configure resource parameters so they flow into the OAuth token request and are reflected in the token from your OAuth provider. Provider name for Inbound integrations Use the Provider name field to enter the details of your inbound integrations to distinguish between different inbound integrations on your ServiceNow AI Platform®. Update the Provider name in your API integrations to improve monitoring capabilities: For OAuth integrations, update the provider name using the Provider name field. To know more, see OAuth Inbound. For Basic authentication integrations, update the Provider name in the integration registration form. Yokohama Patch 7 OAuth token enhancement Use Opaque or JWT token option for your inbound integration endpoints. Yokohama Use Continuous Authentication to require step-up authentication or re-authentication to the users before allowing access to sensitive or high-privilege information. Multi-factor Authentication (MFA) is enforced by default for all non-SSO login to ServiceNow®. Use the Authorization code, resource owner password credential, SAML bearer, and JWT bearer OAuth grant types of OAuth for outbound integration requests through the MID Server. See Authentication for more information.