Scribd Logo
Upload

Welcome to Scribd!

  • Azure AD Integration

    Uploaded by

    Amitabh Biswas
    17 views12 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    17 views12 pages

    Azure AD Integration

    Uploaded by

    Amitabh Biswas

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 12

    12/15/22, 1:09 PM NowKB Admin

    Use the following steps to configure Azure AD Single Sign-On (SSO) with ServiceNow.

    Prerequisites
    Before you begin, make sure you have met the following prerequisites:

    An Azure AD subscription. Activate the subscription from Azure free account.


    A ServiceNow Single Sign-On (SSO) enabled subscription.
    For ServiceNow, an instance or tenant of ServiceNow, Calgary version, or later.
    For ServiceNow Express, an instance of ServiceNow Express, Helsinki version, or later.
    Submit a Service Request to get the Multiple Provider Single Sign-On Plugin for the ServiceNow tenant.
    For automatic configuration, enable the multi-provider plugin for ServiceNow.
    Install the ServiceNow Classic (Mobile) application. To download the application, go to the appropriate store, and
    search for the ServiceNow Classic application, then download it.

    NOTE: The integration of Azure AD with ServiceNow supports both Azure AD public cloud and Azure AD US
    government cloud environment. Find the US Government cloud application in the Azure AD US government cloud
    application gallery, and configure the application similarly to Azure AD public cloud.

    Configure Azure AD SSO


    Perform the following activities to configure the Azure AD SSO:

    Step 1: Add a New User using Azure AD


    1. Log in to the Azure AD portal (https://portal.azure.com/) with your Azure subscription credentials.

    2.

    https://admin.nowkb.com/article/edit/901e16ce-104b-4efb-b27e-e2edf0882b4e 1/12
    12/15/22, 1:09 PM NowKB Admin

    Click Azure Active Directory or search for Azure Active Directory in the Search bar.

    3.

    Go to Users > All Users, and then select New user.

    4.

    https://admin.nowkb.com/article/edit/901e16ce-104b-4efb-b27e-e2edf0882b4e 2/12
    12/15/22, 1:09 PM NowKB Admin

    Enter the required information of the user and click Create.

    NOTE: Make sure to copy the User name and Password for later use. For example, User name: XXXX and Password:
    XXXXX.

    The user is created and added to your Azure AD.

    Step 2: Configure ServiceNow SSO in Azure AD


    1. Log in to the Azure AD portal (https://portal.azure.com/).
    2. Click Azure Active Directory > Enterprise Application and search for ServiceNow in the Search bar.

    3.

    https://admin.nowkb.com/article/edit/901e16ce-104b-4efb-b27e-e2edf0882b4e 3/12
    12/15/22, 1:09 PM NowKB Admin

    Select the ServiceNow application and click Create.


    You are redirected to the ServiceNow application page.

    4.

    https://admin.nowkb.com/article/edit/901e16ce-104b-4efb-b27e-e2edf0882b4e 4/12
    12/15/22, 1:09 PM NowKB Admin

    Under Manage, click Single Sign-On.

    5. Under Select a Single Sign-On method, select SAML.

    6.

    https://admin.nowkb.com/article/edit/901e16ce-104b-4efb-b27e-e2edf0882b4e 5/12
    12/15/22, 1:09 PM NowKB Admin

    Under Set up Single Sign-On with SAML, click Edit.

    7. Under Basic SAML Configuration, configure the following fields.


    Identifier (Entity ID). Enter the URL in the following format: https://<instance-name> service-now.com.
    Reply URL (Assertion Consumer Service URL). Enter the URL in the following
    format: https://instancename.service-now.com/navpage.do.
    Sign on URL. Enter the URL in the following format: https://instance.servicenow.com/logi...?glide_sso_id=
    <sys_id of the SSO configuration>
    8. Click Save.
    9. Under User Attributes & Claims and SAML Signing Certificate, click Edit. Configure the required fields and
    Save
    the configuration.

    https://admin.nowkb.com/article/edit/901e16ce-104b-4efb-b27e-e2edf0882b4e 6/12
    12/15/22, 1:09 PM NowKB Admin

    Unsuppor
    ted image
    type.

    10. To configure ServiceNow for SAML-based authentication automatically from Azure AD, enable the
    following service:
    Under Set up ServiceNow, click View step-by-step instructions to open the Configure sign-on
    window. In the Configure sign-on form, enter your ServiceNow instance name, admin user
    name, and admin password and click Configure Now.

    https://admin.nowkb.com/article/edit/901e16ce-104b-4efb-b27e-e2edf0882b4e 7/12
    12/15/22, 1:09 PM NowKB Admin

    NOTE: Once you have saved the SSO configuration, an Identifier is created automatically in ServiceNow Identity
    Provider.

    Step 3: Configure ServiceNow SSO


    1. Log in to ServiceNow as an admin.
    2. Find the plugin Integration Multiple Provider Single Sign-On in the Search bar. To activate the plugin, click
    Activate.

    3. Select the Microsoft Azure ServiceNow instance and click the right arrow icon to add to the Certificates List.

    4.

    Unsupported
    image type.

    https://admin.nowkb.com/article/edit/901e16ce-104b-4efb-b27e-e2edf0882b4e 8/12
    12/15/22, 1:09 PM NowKB Admin

    5.
    6. Click Save.
    7. At the upper-right corner of the page, click Test Connection.

    6. If the Test Connection fails to activate the connection, ServiceNow provides the override switch and configure
    the following details:
    Enter Sys_properties.LIST in the search bar and you are redirected to the System Properties page.
    Create a property and enter a name as glide.authenticate.multisso.test.connection.mandatory. Set
    the data type as True/False and set the value as False.

    https://admin.nowkb.com/article/edit/901e16ce-104b-4efb-b27e-e2edf0882b4e 9/12
    12/15/22, 1:09 PM NowKB Admin

    If prompted for credentials, enter the credentials and you are redirected to the following page.
    The SSO Logout Test Results displays an error. Ignore the error and click ActivateLog in to the ServiceNow
    instance using the external login. You are redirected to the Office 365 page to provide user credentials of Azure
    AD.

    Step 4: Configure Proxy for ServiceNow


    Before configuring a proxy for ServiceNow, integrate ServiceNow with Azure AD using the ServiceNow Active
    Directory tutorial.

    To configure a proxy for ServiceNow:

    1. Log in to the Azure AD portal.


    2. Go to Enterprise applications > All applications > ServiceNow > Single Sign-On > SAML-based
    sign-on.
    3. Under Basic SAML Configuration, replace the Reply URL (ACS URL) and
    Sign on URL with https://www<proxy url>/navpage.do?shnsaml.
    Click Save.

    https://admin.nowkb.com/article/edit/901e16ce-104b-4efb-b27e-e2edf0882b4e 10/12
    12/15/22, 1:09 PM NowKB Admin

    4. Log in to ServiceNow instance as an admin. To log in, use the ServiceNow instance integrated with Azure AD.
    For example, https://<instance-id>.service-now.com/side_door.do.
    5. Go to Multi-Provider SSO > Identity Provider and select the configured IdP created earlier.

    6.

    Replace the ServiceNow Homepage URL with https://www<proxy url>/navpage.do?shnsaml and click
    Update.

    7. Validate both IdP initiated login and SP initiated login.


    For IdP initiated login, install My Apps Secure Sign-in extension in your browser or gto
    https://myapps.microsoft.com for authentication and select ServiceNow application in the application list.
    For SP initiated login, use external login with Azure user credentials.

    https://admin.nowkb.com/article/edit/901e16ce-104b-4efb-b27e-e2edf0882b4e 11/12
    12/15/22, 1:09 PM NowKB Admin

    https://admin.nowkb.com/article/edit/901e16ce-104b-4efb-b27e-e2edf0882b4e 12/12

    You might also like