· 1.AD Azure account
· 2.ServiceNow single sign-on (SSO) enabled subscription
· 3. Multiple Provider Single Sign-On Installer (com.snc.integration.sso.multi.installer) plugin activated in servicenow
Steps to perform :
1. Add ServiceNow from the gallery in Azure AD instance:
Sign in to the Azure portal by using credentials and select the,Azure Active Directory service. Go to Enterprise Applications, and select All Applications. To add new application, select New application.To search for servicenow application In the Add from the gallery section, enter ServiceNow in the search box.Select ServiceNow from results panel, and then add the app. Wait a few seconds while the app is added to your tenant.
Ownership : Azure team
2. Configure Azure AD SSO
In the Azure portal, on the ServiceNow application integration page Select single sign-on. select SAML under which select Basic SAML Configuration to edit the settings.
Provide below details here :
Sign on URL: https://<instancename>.service-now.com/navpage.do
Identifier (Entity ID): https://<instance-name>.service-now.com
Reply URL,: https://<instancename>.service-now.com/navpage.do
Logout URL: https://<instancename>.service-now.com/navpage.do
OwnerShip: Servicenow and Ad team
3. Configure sign-on
You can have Azure AD automatically configure ServiceNow for SAML-based authentication. To enable this service, go to the Set up ServiceNow section, and select View step-by-step instructions to open the Configure sign-on window.And provide below details
ServiceNow instance name
admin username and admin password
Ownership :Azure team configuration, servicenow team admin user creation
4. Activate the Integration - Multiple Provider single sign-on Installer plug-in servicenow
Ownership: Servicenow team
5. Update Multiple Provider SSO Properties in servicenow :
For Property Enable multiple provider SSO, select Yes.
For property Enable Auto Importing of users from all identity providers into the user table, select Yes.
For Property Enable debug logging for the multiple provider SSO integration, select Yes.
For property The field on the user table that..., enter email.
Ownership :Servicenow Team
6. Generate automatic entry for Identity Providers for Azure Ad account :
Got to the Configure sign-on page in azure ad and open the Set up ServiceNow section, and select View step-by-step instructions to open the Configure sign-on window. Now check the details related to servicenow instance which was added in steps 3 it is there and valid it.click on “Configure Now”.
Ownership: Azure team
7. Test the identity provider connection:
Open the servicenow instance and Select the automatically generated identity provider generated by steps 6. Check all the details in User provisioning and advance tab like Single Sign-On Script, NameID Policy,user fields and if not correct update is taking reference on Azure Ad account. Then click on the test connect UI action. After the testing activate the identity provider.
Ownership: Servicenow Team
Post a Comment