On an instance that is configured to accept multiple IDPs to authenticate users, the current mobile app only has a single IDP record stored in the sso_properties table. This is usually the sso_properties record configured as default. The system property 'glide.authenticate.sso.redirect.idp' has the same sys_id value of this SSO property record stored within it.

 

1 - Configure the instance to authenticate with more than one IDP record > name the IDP records 'default' and 'alt'

2 - Make the 'default' IDP record the default IDP for the instance

3 - Check that the sys_id for the 'default' IDP record is value stored in the glide.authenticate.sso.redirect.idp system property

4 - Check that you can utilise both IDPs to access the instance

5 - Open the Service Now mobile app, attempt to authenticate a user that utilises the 'alt' IDP to access the instance via mobile phone

Notice the final step in the above instructions can not currently be performed.

There is currently no supported implementation of the mobile app that can handle more than one IDP to authenticate users, so this issue has been identified as a possible future enhancement.

However, since Helsinki, the web versions of the mobile app has very similar features as the mobile app, and can be utilised instead following the steps illustrated in this video:

https://www.youtube.com/watch?v=z6KmesySrbA 

 

Ensure that the system property glide.ui.m.helsinki_mobile_enabled is set to the value true. 

In the video, we simply create a bookmark, and display it as an icon on the mobile phones home screen. You can specify which IDP you want to use by opening up your mobile browser and utilising the following URI: 

<yourInstanceName>.service-now.com/login_with_sso.do?glide_sso_id=<sys_id _of_ the _identity_provider> 

Replacing the tags <yourInstanceName> with the name of your instance and <sys_id _of_ the _identity_provider> with the sys_id value of the sso_properties record that represents the IDP you wish to utilise for authentication. 

Thereafter your user can login to the mobile web application using an alternative IDP from the default.