Configuring SAML SSO for ServiceNow

These steps will guide you through setting up the single sign-on functionality between ADSelfService Plus and ServiceNow.

Prerequisite

  1. Log in to ADSelfService Plus as an administrator.

  2. Navigate to Configuration → Self-service → Password Sync/Single Sign-on.

  3. Locate and click on ServiceNow in the list of applications provided.

  4. Click the Download SSO Certificate link in the top-right corner of the screen.

  5. In the pop-up that appears, click Download metadata file and save the XML file. Open the file in a text editor and copy its content.


ServiceNow (Service Provider) configuration steps

  1. Now, log in to the ServiceNow portal with an administrator’s credentials.

  2. Navigate to Manage → Instance.

  3. In the My Instance page, click on the instance URL. Also, note down this value. We will need it while configuring ServiceNow with ADSelfService Plus.

  4. In the left pane, navigate to Multi-Provider SSO → Identity Providers and then click New.

      NOTE: If the Multi-Provider SSO plugin is activated in your instance, please follow these steps.

  5. In the What kind of SSO are you trying to create? section, select SAML.

  6. In the Import Identity Provider Metadata pop-up that appears, select XML and paste the XML file content you copied in Step 5 of Prerequisite.

  7. Click Import.

  8. All the required fields will be auto-filled. Scroll down and click the Advanced tab. Make sure that the value “email” is entered in the User Field.

  9. Click Test Connection. You will be asked to log in to ADSelfService Plus.

  10. Once the connection is successful, click Activate.

  11. Now click on the Additional Actions icon at the top near the identity provider and select Copy sys_id. Paste the value in a note and keep it safe.

  12. In the left pane, navigate to Multi-Provider SSO → Administration → Properties.

  13. Make sure that Enable multiple provider SSO is enabled.

  14. In the field for user identification, change the value from ‘user_name’ to email.

  15. Click Save.

  16. In the left pane, navigate to User Administration → Users.

  17. Select a user for whom you want to enable SSO and click their username.

  18. Now click the Additional Actions icon and select Configure → Form Design.

  19. Drag and drop the SSO source field from the left pane into the user’s form and click Save.

  20. Close the form design tab and go back to the user configuration page. The SSO source field now appears on the user’s form.

  21. In the SSO source field, paste the sys_id you copied in Step 11. Prefix the sys_id value with “sso:”.

  22. Click Update.

  23. Repeat steps 17-22 for the other users for whom you want to enable SSO.

ADSelfService Plus (Identity Provider) configuration steps

  1. Now, switch to ADSelfService Plus’ ServiceNow configuration page.

  2. In the Domain Name field, enter the domain name of your email address. For example, if you use johndoe@thinktodaytech.com to log in to ServiceNow, then thinktodaytech.com is the domain name.

  3. In the SAML Redirect URL field, enter the value you copied in Step 3 of ServiceNow configuration.

  4. Enter a Description for the connection.

  5. In the Available Policies field, select the policies for which you wish to enable single sign-on.

  6. Click Save.
    Your users should now be able to sign in to ServiceNow through ADSelfService Plus.

    For ServiceNow, both SP and IDP initiated flows are supported.


Copyright © 2020, ZOHO Corp. All Rights Reserved.