Configure multi-provider SSO properties

Several multiple-SSO properties are available. To configure an IdP whitelist, you must add a property to the System Properties table.

Before you begin

Role required: admin

Procedure

  1. Navigate to Multi-Provider SSO > Properties.
  2. Select the Enable Multi-Provider SSO check box. This option adds the link Use external login to the login page.
  3. To update the user table with the users in the IdP, select the Enable Auto Importing option.
  4. To enable the debug messages to appear at the bottom of the content frame, select the Enable debug logging for the Multi-Provider SSO integration check box.
    If enabled, the debug logging feature slows down performance and uses up disk space to generate the logs.
  5. In the property The field on the user table that identifies a user accessing the User identification login page, enter the value the IdP uses to identify the user. The default value is user_name.
    Figure 1. Multi-SSO properties
    Multi-SSO properties
  6. Click Save.
  7. Instruct your users to click the Use external login link when they log in to the instance.
  8. Open the System Properties [sys_properties] table and add the following property:
    glide.security.url.whitelist
    This property controls the external redirect allowed during SSO/SAML authentication. The logout_redirect page utilizes this property. Add the IdP AuthnRequest URLs to the whitelist, separated by commas.
    Note: When this property it is not defined or defined empty, all URLs are wide open for redirect.
    If you defined this property, and then deleted by an upgrade, for example, this condition might cause a URL request loop. Clear the instance cache by navigating to https://<instance_name>.service-now.com/cache.do. Check if the property exists and define it as an empty string to get through this issue.