Monday, November 21, 2022

SSO Integrations with ServiceNow and Azure AD

 

Prerequisites

1. Azure AD account

2. ServiceNow single sign-on (SSO) enabled subscription

3. Multiple Provider Single Sign-On Installer (com.snc.integration.sso.multi.installer) plugin activated in ServiceNow

Steps to perform:

1.     Add ServiceNow from the gallery in the Azure AD instance:

Sign in to the Azure portal with your credentials and select the Azure Active Directory service. Go to Enterprise Applications and select All Applications. To add a new application, select New application. In the Add from the gallery section, enter ServiceNow in the search box. Select ServiceNow from the results panel, and then add the app. Wait a few seconds while the app is added to your tenant.

Ownership: Azure team

2.     Configure Azure AD SSO

In the Azure portal, on the ServiceNow application integration page, select Single sign-on. Select SAML, then select Basic SAML Configuration to edit the settings.

Provide the following details:

Sign on URL: https://<instancename>.service-now.com/navpage.do

Identifier (Entity ID): https://<instance-name>.service-now.com

Reply URL: https://<instancename>.service-now.com/navpage.do

Logout URL: https://<instancename>.service-now.com/navpage.do

Ownership: ServiceNow and AD team

3.       Configure sign-on 

You can have Azure AD automatically configure ServiceNow for SAML-based authentication. To enable this service, go to the Set up ServiceNow section, and select View step-by-step instructions to open the Configure sign-on window. Provide the following details:

ServiceNow instance name

Admin username and admin password

Ownership: Azure team (configuration), ServiceNow team (admin user creation)

4.      Activate the Integration - Multiple Provider Single Sign-On Installer plug-in in ServiceNow

Ownership: ServiceNow team

5.     Update the Multiple Provider SSO properties in ServiceNow:

For the property Enable multiple provider SSO, select Yes.

For the property Enable Auto Importing of users from all identity providers into the user table, select Yes.

For the property Enable debug logging for the multiple provider SSO integration, select Yes.

For the property The field on the user table that..., enter email.

Ownership: ServiceNow team

6.     Generate the automatic Identity Provider entry for the Azure AD account:

Go to the Configure sign-on page in Azure AD, open the Set up ServiceNow section, and select View step-by-step instructions to open the Configure sign-on window. Check that the ServiceNow instance details added in step 3 are present and validate them. Then click “Configure Now”.

Ownership: Azure team

7.     Test the identity provider connection:

Open the ServiceNow instance and select the identity provider that was automatically generated in step 6. Check all the details on the User Provisioning and Advanced tabs, such as Single Sign-On Script, NameID Policy and user fields, and if any are incorrect, update them with reference to the Azure AD account. Then click the Test Connection UI action. After testing, activate the identity provider.

Ownership: ServiceNow team
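A pre-flight check for the four Basic SAML Configuration values from step 2, as an added example that is not part of the original post. The instance name "acme" and both sample configurations are constructed; the expected paths are taken from the URLs listed in step 2. It catches the mistakes that typically make the test connection in step 7 fail or that point the reply URL at a look-alike host.

```python
from urllib.parse import urlsplit

# Field name -> path it should carry, per the values listed in step 2.
EXPECTED_PATHS = {
    "sign_on_url": "/navpage.do",
    "identifier": "",  # Entity ID is compared as an exact string: no trailing slash
    "reply_url": "/navpage.do",
    "logout_url": "/navpage.do",
}

def check_saml_config(instance_name, config):
    """Return a list of problems found in the Basic SAML Configuration values."""
    expected_host = f"{instance_name}.service-now.com".lower()
    problems = []
    for field, expected_path in EXPECTED_PATHS.items():
        value = config.get(field, "")
        if not value:
            problems.append(f"{field}: missing")
            continue
        if value != value.strip():
            problems.append(f"{field}: leading or trailing whitespace")
        url = urlsplit(value.strip())
        if url.scheme != "https":
            problems.append(f"{field}: scheme is {url.scheme!r}, expected 'https'")
        # Compare the whole authority, not a suffix or prefix, so look-alike
        # hosts, ports and userinfo are all rejected.
        if url.netloc.lower() != expected_host:
            problems.append(f"{field}: host is {url.netloc!r}, expected {expected_host!r}")
        if url.path != expected_path:
            problems.append(f"{field}: path is {url.path!r}, expected {expected_path!r}")
        if url.query or url.fragment:
            problems.append(f"{field}: unexpected query string or fragment")
    return problems

# Constructed sample values for a hypothetical instance named "acme".
SAMPLE_GOOD = {
    "sign_on_url": "https://acme.service-now.com/navpage.do",
    "identifier": "https://acme.service-now.com",
    "reply_url": "https://acme.service-now.com/navpage.do",
    "logout_url": "https://acme.service-now.com/navpage.do",
}
SAMPLE_BAD = {
    "sign_on_url": "http://acme.service-now.com/navpage.do",              # not https
    "identifier": "https://acme.service-now.com/",                        # trailing slash
    "reply_url": "https://acme.service-now.com.example.net/navpage.do",   # look-alike host
    "logout_url": "https://acme.service-now.com/navpage.do ",             # pasted whitespace
}

if __name__ == "__main__":
    for problem in check_saml_config("acme", SAMPLE_BAD):
        print(problem)
```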

 

 

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/docusign-tutorial
