Service Now dancing with Azure
For those of you who are unfamiliar, the Microsoft product known as Azure is an example of what is now known as Infrastructure as a Service (IaaS). In practical terms, Azure is a number of tightly integrated cloud services that offer IT professionals the opportunity to build, use, deploy and manage applications that are configured in a network of data centres, with little overhead and from a single dashboard. In this demo, I walk through a Service Now and Microsoft Azure integration from end to end, starting with how to obtain an account for Azure and highlighting some of the potential pitfalls. This video can be used as a guide, but I would also suggest reviewing the linked to
In the demonstration below, I will be walking you through how to integrate the Service Now Platform as a Service (PaaS) with Microsoft Azure (IaaS). The video provides an end-to-end description of the steps required, from how to obtain an account for Azure to auto-provisioning user accounts from your Azure domains into Service Now, highlighting some of the potential pitfalls along the way.
Before you begin, you will require a Service Now instance, preferably the Istanbul release or later, with the Multiple Provider Single Sign-On Enhanced UI plugin installed. If you require instructions on how to install the Multiple Provider Single Sign-On Enhanced UI plugin, please review the article linked to below:
Configuring Single-Sign-ON via the user interface
Also, I would suggest reviewing the article linked to before departing:
https://docs.microsoft.com/en-us/azure/active-directory/active-directory-saas-servicenow-tutorial
In the video, I highlight that the scripts within Azure responsible for configuring the integration with Service Now set the NameID Policy with a nameid format parameter as follows: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
Now the above configuration is all well and good if the service provider is configured to handle it. Typically, the nameid format parameter is set to the following:
urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
When configured as above, the nameid is treated as the username and there is no requirement for an alias lookup to be performed. To successfully complete your Azure/Service Now integration, I would advise that you use emailAddress as the nameid format parameter.
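To confirm which nameid format an integration is actually using, you can inspect the SAML messages captured during a test login. The following is an added example, not code from the video or from either vendor: it reports any NameIDPolicy or NameID element whose Format is not emailAddress. The two messages are constructed samples with made-up IDs and user, and the script checks the format only, not signatures.

```python
import xml.etree.ElementTree as ET

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
EMAIL = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"

# Constructed samples (not captured traffic). IDs and user are made up.
REQUEST_UNSPECIFIED = f"""<samlp:AuthnRequest xmlns:samlp="{SAMLP}" ID="_example1" Version="2.0">
  <samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"/>
</samlp:AuthnRequest>"""

RESPONSE_EMAIL = f"""<samlp:Response xmlns:samlp="{SAMLP}" xmlns:saml="{SAML}" ID="_example2" Version="2.0">
  <saml:Assertion ID="_example3" Version="2.0">
    <saml:Subject>
      <saml:NameID Format="{EMAIL}">user@example.com</saml:NameID>
    </saml:Subject>
  </saml:Assertion>
</samlp:Response>"""

def nameid_formats(xml_text):
    """Return (element, Format, text) for each NameIDPolicy and NameID in a SAML message."""
    # ElementTree is fine for these inline samples; parse untrusted SAML with a hardened parser.
    root = ET.fromstring(xml_text)
    found = []
    for el in root.iter():
        if el.tag == f"{{{SAMLP}}}NameIDPolicy":
            found.append(("NameIDPolicy", el.get("Format"), ""))
        elif el.tag == f"{{{SAML}}}NameID":
            found.append(("NameID", el.get("Format"), (el.text or "").strip()))
    return found

def check_nameid(xml_text):
    """List deviations from the emailAddress format; an empty list means none were found."""
    findings = []
    for element, fmt, text in nameid_formats(xml_text):
        if fmt != EMAIL:
            findings.append(f"{element}: Format is {fmt or 'absent'}, expected {EMAIL}")
        elif element == "NameID" and "@" not in text:
            findings.append(f"NameID: value {text!r} does not look like an email address")
    return findings

if __name__ == "__main__":
    for name, msg in (("request", REQUEST_UNSPECIFIED), ("response", RESPONSE_EMAIL)):
        print(name, check_nameid(msg) or "ok")
```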
https://www.servicenow.com/community/now-platform-blog/service-now-dancing-with-azure/ba-p/2291119