Skip to page contentSkip to chat
ServiceNow support
    • Community
      Ask questions, give advice, and connect with fellow ServiceNow professionals.
      Developer
      Build, test, and deploy applications
      Documentation
      Find detailed information about ServiceNow products, apps, features, and releases.
      Impact
      Accelerate ROI and amplify your expertise.
      Learning
      Build skills with instructor-led and online training.
      Partner
      Grow your business with promotions, news, and marketing tools
      ServiceNow
      Learn about ServiceNow products & solutions.
      Store
      Download certified apps and integrations that complement ServiceNow.
      Support
      Manage your instances, access self-help, and get technical support.
SSO users fail to login and get redirected to logout page immediately - Support and Troubleshooting
  • >
  • Knowledge Base
  • >
  • Support and Troubleshooting (Knowledge Base)
  • >
  • SSO users fail to login and get redirected to logout page immediately
KB0727658

SSO users fail to login and get redirected to logout page immediately


8418 Views Last updated : Jul 24, 2025 public Copy Permalink English (Original)
  • English (Original)
  • Japanese
KB Summary by Now Assist

Issue

SSO users fail to login and get redirected to logout page immediately

Checking the logs in the instance (Syslog.list)

with the following filters :
message > contains> not found
AND
source=SAML2

The following message is observed :

User: abc@test.com not found

Release

Applicable to any release 

Cause

The instance checks for the value in the NameID in the SAML response attribute and tries to find a match in the sys_user table based on 'User Field' mentioned in the Identity Provider record configuration . If a match is found in the instance the user is logged in .

For example if the below is returned :

<NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">abc@test.com</NameID> 

and if in Identity Provider record :

Advance-> User Field is set to 'email'

Instance checks the sys_user table where email=abc@test.com

If a match is not found the user fails to login

Resolution

  • Make sure the IDP returns the right value for NameID attribute
  • If the IDP is set to return the right value make sure that the 'User Field' under the Advanced properties in Identity Provider record is set to the correct field and the user actually exists with the value returned in the SAML response.

The world works with ServiceNow.

Sign in for more! There's more content available only to authenticated users Sign in for more!
Did this KB article help you?
Did this KB article help you?

How would you rate your Now Support digital experience?

*

Very unsatisfied

Unsatisfied

Neutral

Satisfied

Very satisfied

Very unsatisfied

Unsatisfied

Neutral

Satisfied

Very satisfied

What can we improve? Please select all that apply.

What are we doing well? Please select all that apply.

Tell us more

*

Do you expect a response from this feedback?

  • Terms and conditions
  • Privacy statement
  • GDPR
  • Cookie policy
  • © 2025 ServiceNow. All rights reserved.