Thank you for your feedback.
Form temporarily unavailable. Please try again or contact docfeedback@servicenow.com to submit your comments.
Versions
  • Madrid
  • London
  • Kingston
  • Jakarta
  • Istanbul
  • Helsinki
  • Geneva
  • Store
Close

Generate instance service provider (SP) metadata for SAML

Log in to subscribe to topics and get notified when content changes.

Generate instance service provider (SP) metadata for SAML

As part of your SSO configuration, you can generate the instance SP metadata to provide to the IdP.

Before you begin

Role required: admin

About this task

The IdP needs the instance SP metadata to authenticate and forward requests.

Procedure

  1. Choose your installed SSO plugin:
    OptionDescription
    Multi-Provider SSO Navigate to Multi-Provider SSO > Identity Providers. Choose an IdP and click the Generate Metadata button. The integration automatically generates the instance's SP metadata from the system property settings.
    SAML 2 SSO Navigate to SAML 2 Single Sign-on > Metadata. The integration automatically generates the instance's SP metadata from the system property settings.
  2. Copy the SP metadata in the text box.

    For example:

    <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://yourinstance.service-now.com">
     	<SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    		<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://yourinstance.service-now.com/navpage.do" />
    		<NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
    		<AssertionConsumerService isDefault="true" index="0" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://yourinstance.service-now.com/navpage.do" />
    		<AssertionConsumerService index="1" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://yourinstance.service-now.com/consumer.do"/>
    	</SPSSODescriptor>
    </EntityDescriptor>
  3. Provide the instance SP metadata to the IdP.
    For example, SSOCircle allows a user to provide the SP metadata online.
Feedback