Authentication ServiceNow authentication validates the identity of a user who accesses an instance, and then authorizes the user to features that match the user's role or job function. Available authentication methods You can use several different methods to authenticate users. User credentials are matched to different saved credentials for each method. Table 1. Authentication methods Authentication methods Description Local database The user name and password in their user record in the instance database. Multifactor The user name and password in the database and a passcode sent to the user's mobile device that has Google Authenticator installed. LDAP The user name and password in their LDAP account, which has a matching user account in the database. SAML The user name and password configured in a SAML identity provider account, which has a matching user account in the database. OAuth 2.0 The user name and password of OAuth identity provider, which has a matching user account in the database. Digest Token An encrypted digest of the user name and password in the user record. Multiple Provider SSO allows you to choose use several identity providers (IdPs) to manage authentication as well as retain local database authentication. You can use SAML and Digest Authentication through the Multiple Provider SSO application. Tips for choosing an authentication method Development environments can use the instance's database credentials to speed up the development of new features. Customers who manage their users with existing LDAP or identity providers should use a matching authentication method.