Multi Single Sign-on Overview

The MultiSSO Update Set provides the ability for an Instance to support more than one form of Single
Sign-on. If you are planning on providing SAML as one form of Single Sign-On you will only need to
activate the SAML 2.0 plugin. The Plugin contains the SAML core libraries needed for SAML functions
and methods.

How It Works
To accomplish Multiple forms of Single Sign-on in one instance, rather than using the System Properties,
the Application comes with a Single Sign-on properties table with default Digest, SAML2, and SAML2
Update1 property sets to define per Company basis how Users of a Company will log into the system.

Multi Single Sign-on Requirements

The Multi Single Sign-on integration requires:
MultiSSO Update Set

Multi Single Sign-on Setup

Use the following steps to install a new integration of MultiSSO.
1.

If you are going to be implementing SAML activate the SAML 2.0 plugin.
o You only need this plugin because it contains the SAML library. SAML 2.0 Update 1
would work too but you will have to clear additional properties.
2. Navigate to System Properties -> Single Sign-on
3. Clear out ALL property values and Save
o For Company's that do not use SSO it is best to set the "URL to redirect users after
logout, typically back to the portal that enabled the SSO (e.g.
http://portal.companya.com/logout)" property to "navpage.do"
4. Navigate to SAML 2 Single-Sign On -> Properties
5. Clear out ALL property values and Save
o For Company's that do not use SSO it is best to set the "URL to redirect users after
logout, typically back to the portal that enabled the SSO (e.g.
http://portal.companya.com/logout)" property to "navpage.do"
6. Navigate to SAML 2 Single-Sign On
o Select Login Script module and set or verify Active equals false
o Select Logout Script module and set or verify Active equals false
7. Navigate to System Update Sets -> Retrieved Update Sets
8. Right click on list header and select Import XML
o You must have Admin role to import from XML
9. Select the MultiSSO Update set and import
10. Open the MultiSSO retrieved update set
11. Preview the Update Set
12. Select the Show Full Preview to Preview the Update set

13.
14.

15.
16.
17.
18.
19.
20.
21.

Make sure none of the Updates have a Proposed action of Skip by filtering out all
Commit Proposed actions from the list
o If any of the Updates are marked as Skip change their Proposed actions to Commit
Commit the Update Set
If you are on Calgary Navigate to System Maintenance -> Whitelist Members and do an Insert and
Stay on each record. There is a bug with whitelisting where records whitelisted from an update set
are not recognized.
Navigate to MultiSSO -> Single Sign-On Properties
Create a new Property set for the Company (Digest Token, SAML2, or SAML2 Update1)
o Example Property Sets for each SSO type are provided for examples
Navigate to MultiSSO -> Companies and clear the list filter to see ALL Companies
Open the Company you want to configure SSO for and open the record
Select a Single Sign-On Property Set (Digested Token, SAML2, SAML2 Update1)
Select a Login Company Code (Generally an acronym for the company. EX ServiceNow == now
Login as the Company providing the new URL http://yourinstance.service-now.com/now

Configure Digest
1.
2.
3.
4.

Navigate to MultiSSO -> Single Sign-On Properties

Click New
Select Degest Properties
Fill out the required propertis
o Example Digest Token Properties are provided as an example

Configure SAML 2.0

1.
2.
3.
4.

Navigate to MultiSSO -> Single Sign-On Properties

Click New
Select SAML2 Properties
Fill out the required propertis
o Example SAML2 Properties are provided as an example

Configure SAML 2.0 Update 1

1.
2.
3.
4.

Navigate to MultiSSO -> Single Sign-On Properties

Click New
Select SAML2 Update1 Properties
Fill out the required propertis
o Example SAML2 Update1 Properties are provided as an example