ServiceNow Azure AD Integration: Step-by-Step Configuration

To integrate ServiceNow with Azure AD, you'll need to configure the Identity Provider (IdP) in Azure AD. This involves creating an Enterprise Application in Azure AD and then configuring the IdP settings.

First, navigate to the Azure AD portal and sign in with your credentials. Then, click on Enterprise Applications and select New Application.

Next, search for ServiceNow in the search bar and select the application from the results. You can also manually enter the application details if you have them.

Now, click on the ServiceNow application and click on the Configure button to begin the configuration process.

Azure Setup

To set up Azure AD integration with ServiceNow, you'll need to start by configuring Azure AD. This involves going to portal.azure.com and logging in with your credentials.

You'll then click on Azure Active Directory in the menu to your left. From there, you'll select "SAML-based Sign-on" and enter your instance URL in the "Sign on URL" and the "Identifier". Click on "Save" to save your changes.

In case your new certificate is in status "New", click the "Make new certificate active" checkbox and then click Save. If your certificate is already in status "Active", you can skip this step.

You'll also need to check the checkbox "Manually configure single sign-on" and scroll down to locate the "Quick Reference". Copy the "Azure AD Single Sign-On Service URL", the "Azure AD Sign Out URL", and the "Azure AD SAML Entity ID" as you'll need this information later.

Here are the steps to follow:

1. Go to portal.azure.com and log in with your credentials.

2. Click on Azure Active Directory in the menu to your left.

3. Select "SAML-based Sign-on" and enter your instance URL in the "Sign on URL" and the "Identifier".

4. Click on "Save" to save your changes.

5. Check the checkbox "Manually configure single sign-on".

6. Scroll down to locate the "Quick Reference" and copy the necessary information.

By following these steps, you'll be well on your way to setting up Azure AD integration with ServiceNow.

User Provisioning

To configure user provisioning, you'll need to follow these steps:

In the Azure Management classic portal, click Configure user provisioning on the ServiceNow application integration page.

You'll then be asked to provide your ServiceNow credentials to enable automatic user provisioning. This includes:

  • ServiceNow Instance Name: type the name of your ServiceNow instance.
  • ServiceNow Admin User Name: type the name of your ServiceNow admin account.
  • ServiceNow Admin Password: type the password for this account.
  • Validate your configuration to ensure everything is correct.

If you want to provision all users to this application, select “Automatically provision all user accounts in the directory to this application”. Then, click Complete to save your configuration.

To test your configuration, grant access to the Azure AD users who should be able to use the application by assigning them to it.

To assign users to ServiceNow, you can follow these steps:

1. Go to the Azure Management classic portal and select the users you want to assign.

2. Click on the “Add user” button and select the users from the list.

3. Click on the “Assign” button to complete the assignment.

By following these steps, you can configure user provisioning and assign users to ServiceNow. This will enable automatic user provisioning and ensure that your users have access to the application.

It's worth noting that you can also use SCIM (System for Cross-domain Identity Management) to provision users. SCIM allows you to provision users based on conditions, such as to exclude generic or service accounts.
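A sketch of such a scoping condition, as an added example that is not ServiceNow's or Microsoft's own code. The rules, the directory attribute names (`upn`, `accountType`) and the sample records are constructed assumptions; only the payload shape follows the SCIM 2.0 core User schema.

```python
SCIM_USER_SCHEMA = "urn:ietf:params:scim:schemas:core:2.0:User"

# Constructed directory records; attribute names are assumptions for this example.
DIRECTORY = [
    {"upn": "alice@example.com", "displayName": "Alice Doe", "accountType": "person"},
    {"upn": "svc-backup@example.com", "displayName": "Backup Service", "accountType": "service"},
    {"upn": "helpdesk@example.com", "displayName": "Shared Helpdesk", "accountType": "generic"},
    {"upn": "svc-deploy@example.com", "displayName": "Deploy Bot", "accountType": "person"},
    {"upn": "kiosk01@example.com", "displayName": "Lobby Kiosk"},  # accountType missing
]

# Scoping conditions: every rule must hold for a record to be provisioned.
SCOPING_RULES = [
    ("accountType", "not_in", {"service", "generic"}),
    ("upn", "not_startswith", "svc-"),  # catches service accounts labelled as people
]

OPERATORS = {
    "not_in": lambda actual, expected: actual not in expected,
    "not_startswith": lambda actual, expected: not str(actual).lower().startswith(expected),
}

def in_scope(record, rules=SCOPING_RULES):
    """Return (True, None) if all rules pass, else (False, (attribute, operator))."""
    for attr, op, expected in rules:
        # A missing attribute fails closed: unclassified accounts are not provisioned.
        if attr not in record or not OPERATORS[op](record[attr], expected):
            return False, (attr, op)
    return True, None

def to_scim_user(record):
    """Build a SCIM 2.0 core User resource for an in-scope record."""
    return {
        "schemas": [SCIM_USER_SCHEMA],
        "userName": record["upn"],
        "displayName": record["displayName"],
        "active": True,
    }

def plan_provisioning(directory):
    """Split records into SCIM payloads to send and skipped accounts with the failed rule."""
    payloads, skipped = [], {}
    for record in directory:
        ok, failed = in_scope(record)
        if ok:
            payloads.append(to_scim_user(record))
        else:
            skipped[record["upn"]] = failed
    return payloads, skipped
```

Reviewing the `skipped` map before enabling provisioning shows which accounts each rule excluded and why.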

Prerequisites

To integrate ServiceNow with Azure AD, you'll need to meet some prerequisites. First and foremost, you'll need a Microsoft Entra subscription, which you can get for free if you don't already have one.

You'll also need a ServiceNow single sign-on (SSO) enabled subscription, which is a requirement for this integration to work. Make sure your ServiceNow instance or tenant supports one of the following versions: Calgary, Kingston, London, Madrid, New York, Orlando, Paris, or San Diego.

For ServiceNow Express, you'll need an instance of Helsinki version or later. Additionally, the ServiceNow tenant must have the Multiple Provider Single Sign On Plugin enabled. This plugin is crucial for the integration to work, so double-check that it's enabled.

To install the ServiceNow Agent (Mobile) application, head to the appropriate store and search for the ServiceNow Agent application. Once you've found it, download it to get started.

Implementation

To implement ServiceNow Azure AD integration, start by clicking "Configure single sign-on (Required)" under the "Quick start" section.

You'll need to have Azure Active Directory Premium Plan 1 to set this up.

In Azure, go to portal.azure.com and log in with your credentials, then click on Azure Active Directory in the menu to your left.

To set up SAML-based Sign-on, select it and enter your instance URL in the "Sign on URL" and the "Identifier", then click on "Save".

Make sure your certificate is in status "Active" by clicking the "Make new certificate active" checkbox and then clicking Save.

You'll need to manually configure single sign-on by checking the checkbox "Manually configure single sign-on".

To test single sign-on, click on "Assign a user for testing (required)" and pick a user to add to the list.

To support both SAML and LDAPS methods at the same time, you may need to have them created as two identity providers or use a more generic authentication class like "http://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/unspecified".

Setup and Testing

To set up ServiceNow Azure AD integration, you'll need to navigate to portal.azure.com and log in with your credentials. Click on Azure Active Directory in the menu to your left.

First, select "SAML-based Sign-on" and enter your instance URL in the "Sign on URL" and the "Identifier". Click on "Save".

You'll also need to check the checkbox "Manually configure single sign-on". Scroll down and locate the "Quick Reference" to copy the necessary URLs.

Go back to the "Quick start" and click on "Assign a user for testing (required)". Pick a user that you wish to test with and add it to the list.

To test SSO, select the ServiceNow tile in the Access Panel, and you should be automatically signed in to the ServiceNow instance for which you set up SSO.

If you want to support both SAML and LDAPS methods at the same time, you may need to have them created as two identity providers or use a more generic authentication class.
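When a test sign-in fails, comparing the assertion's fields with the values configured above shows which setting disagrees. The following is an added example, not ServiceNow or Microsoft code: the tenant ID, instance URL and assertion are constructed, and treating a configured "unspecified" class as matching any method is an assumption of this sketch.

```python
import xml.etree.ElementTree as ET
from datetime import datetime

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
UNSPECIFIED = "http://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/unspecified"
PASSWORD = "urn:oasis:names:tc:SAML:2.0:ac:classes:Password"

# Constructed stand-ins for the values this guide has you enter or copy.
EXPECTED = {
    "issuer": "https://sts.windows.net/00000000-0000-0000-0000-000000000000/",  # "Azure AD SAML Entity ID"
    "audience": "https://example.service-now.com",  # "Identifier"
    "authn_class": PASSWORD,  # class configured on the ServiceNow side (assumed)
}

# Constructed, unsigned assertion: the user signed in with a certificate, not a password.
SAMPLE = f"""<saml:Assertion xmlns:saml="{NS['saml']}">
  <saml:Issuer>{EXPECTED['issuer']}</saml:Issuer>
  <saml:Conditions NotBefore="2024-01-01T10:00:00.000Z" NotOnOrAfter="2024-01-01T11:00:00.000Z">
    <saml:AudienceRestriction><saml:Audience>https://example.service-now.com</saml:Audience></saml:AudienceRestriction>
  </saml:Conditions>
  <saml:AuthnStatement><saml:AuthnContext>
    <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:X509</saml:AuthnContextClassRef>
  </saml:AuthnContext></saml:AuthnStatement>
</saml:Assertion>"""

def _ts(value):
    # SAML timestamps are UTC with a trailing "Z"; make them timezone-aware.
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def check_assertion(xml_text, expected, now):
    """List fields that disagree with the configuration. Does not verify the signature."""
    root = ET.fromstring(xml_text)
    problems = []
    if root.findtext("saml:Issuer", "", NS).strip() != expected["issuer"]:
        problems.append("issuer")
    audiences = [a.text.strip() for a in root.iterfind(".//saml:Audience", NS) if a.text]
    if expected["audience"] not in audiences:
        problems.append("audience")
    cond = root.find("saml:Conditions", NS)
    try:
        valid = _ts(cond.get("NotBefore")) <= now < _ts(cond.get("NotOnOrAfter"))
    except (AttributeError, TypeError, ValueError):  # Conditions or a bound missing or malformed
        valid = False
    if not valid:
        problems.append("validity_window")
    asserted = root.findtext(".//saml:AuthnContextClassRef", "", NS).strip()
    # Assumption: a configured "unspecified" class accepts whatever method was used.
    if expected["authn_class"] != UNSPECIFIED and asserted != expected["authn_class"]:
        problems.append("authn_class")
    return problems
```

With the password class configured, the sample reports `authn_class`; switching the configured class to the generic one clears it, which is the effect the paragraph above describes.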

Calvin Connelly

Senior Writer
