How to re-enable SAML 2.0 Update 1 after Multi-Provider SSO plugin is installed
Customers initially have the SAML 2.0 Update 1 and request that Multi-Provider SSO be installed for testing. If customers find that Multi-Provider SSO does not fit their use cases, they may request to go back to the previous plugin.
Customer is on Eureka and is affected by PRB621377 (IdP-initiated logins fail with "Multi-Provider SSO"). This is fixed in Fuji Patch 2.
Customer is on Eureka and notes that it does not automatically redirect to their IdP if they are logged out. In Fuji, development introduced 2 concepts: Primary IDP and Default IDP.
If the customer requests to go back to the SAML 2.0 Update 1 plugin, follow the steps below.
- Go to https://<instance_name>.service-now.com/nav_to.do?uri=sys_app_application.do?sys_id=daac9cdd0a0a0bcb113f9da323508587.
- Click the Active option to add SAML 2 Single Sign-on back to the application menu.
Refresh the left navigation pane if it does not appear after saving the change above.
- Go to Multi-Provider SSO and clear the Enable multiple provider SSO option.
- Go to https://<instance_name>.service-now.com/nav_to.do?uri=sys_app_application.do?sys_id=ce03a7131b121100227e5581be07130b.
- Clear the Active option to remove the Multi-Provider SSO from the application menu.
Refresh the left navigation pane if it still appears after saving the change above.
- Find the following Installation Exits and set Active to false:
- Find the following Installation Exits and set Active to true:
- Go the SAML properties page and select the Enabled external authentication option.
|Note: Unfortunately, the MultiSSO plugin cannot be uninstalled. The steps above should allow the instance to use the SAML 2.0 Update 1 code instead.|
|Note: Development encourages customers to move to the Multi-Provider SSO plugin when they upgrade to Fuji and later releases.|