Configuring SSO
Import
·
Jul 23, 2019
·
article
Configuring SSO
| Image | Description |
|---|---|
 |
01. Acess Guided Setup https://.service-now.com/nav_to.do?uri=%2Fhome.do%3F |
 |
02. ITSM Guided Setup |
 |
03. Click Get Started |
 |
04. |
 |
05. Click Activate/Repair |
 |
06. Click Activate |
 |
07. Close & Reload Form |
 |
08. Click Add New IdP |
 |
09. Type your informations Example www..com.br/FederationMetadata/2007-06/FederationMetadata.xml |
 |
10. Click Fetch |
 |
11. Click Save |
 |
12. Click Generate metada |
 |
13. On the NameID Policy urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified |
 |
14. Click >> Mult-Provider SSO > Properties |
 |
15. Select Enable multiple provider SS Enable debug logging for the multiple provider SSO integration The field on the user table that identifies a user accessing the "User identification" login page. By default, it uses the 'user_name' field. |
 |
16. >>AD FS > Trust Relationships > Relaying Party Trust >Add Relaying Party Trust |
 |
17. Click Start |
 |
18. Import data about the Relaying party from a file Browse |
 |
19. Type Display name, click Next |
 |
20. Select I do not want to configure mult-facto authentication settings for this relaying party trust at this time Click Next |
 |
21. Click Permit all users to access this Relaying Party and click Next |
 |
22. Click Close |
 |
23. An example about Claim Rule E-mail Address |
 |
24. Click OK |
 |
25. Click Test Connection |
 |
26. Login |
 |
27. Set Default |
 |
28. Set Auto Redirect Idp |
| 29. |
Metadata Sample.xml, step 13.
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://<instance>.service-now.com">
<SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://<instance>.service-now.com/navpage.do"/>
<NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
<AssertionConsumerService isDefault="true" index="0" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://<instance>.service-now.com/navpage.do" />
<AssertionConsumerService isDefault="false" index="1" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://<instance>.service-now.com/consumer.do" />
</SPSSODescriptor>
</EntityDescriptor>
Author:
Tiago Macul
Paulo Cesar dos Santos Filho
Haddan de Queiroz Rocha
View original source
https://www.servicenow.com/community/itsm-articles/configuring-sso/ta-p/2312770