Step by step instructions for setting up Facebook authentication on a ServiceNow instance. A great use case for this is a government portal to enable single sign-on for citizens who already have a Facebook account.
This document is built on San Diego release.
Begin by going to the Facebook Developer Dashboard.
Click Create App in the upper right corner.
Select Consumer (1) and click Next (2).
Provide a name for your app (1), add the contact email (2), and click Create App (3).
Provide your Facebook password when prompted and click Submit.
Click Set up on the badge labeled Facebook Login from the available products to add to your app.
Click Web from the choices of platforms.
Enter your instance URL in the Site URL field (1) and click Save (2).
On the left, under Facebook Login, select Settings (3).
In the list of Valid OAuth Redirect URIs, enter the following two URLs, replacing “(yourinstance)” with your instance name.
Click Save Changes.
Navigate to Settings > Basic on the left (1).
Enter your fully qualified instance name in the field App Domains (2) (e.g. dev79000.service-now.com). Be sure to leave off https://.
Enter the same URL in the Data deletion instructions URL (4).
Click Save Changes (5).
At the top of the same page, copy the App ID and App secret to some place safe. Treat these like a login and password!
In your instance, navigate to All > System Applications > All Available Applications.
Use the search filter to install the plugin Integration - Multiple Provider Single Sign-On Installer. Check the option to load the Demo Data.
Search for, and install the plugin Approvals with e-Signature.
Configure the plugins
Navigate to All > Auto Recovery > Properties.
Uncheck Enable account recovery and Save.
Navigate to All > Multi-Provider SSO > Administration > Properties.
Check all three properties and Save.
Configure the identity provider
Using your browser search, download a Facebook icon. Square, between 125x125px and 500x500px PNG or JPG format works best.
Navigate to All > System UI > Images.
Upload the image and note the URL - only the filename is important (e.g. /FacebookIcon.png.)
Navigate to All > Multi-Provider SOO > Identity Providers.
Open the record OIDC_Facebook.
Fill in the following field/values:
- (1) Active: true
- (2) ServiceNow Homepage: https://(yourinstance).service-now.com/navpage.do
- (3) Logo URL: (path of the image noted above)
- (4) Automatically provision users: true
- (5) Update User on next login: true
- (6) User roles applied to provisioned users: (choose appropriately)
From the form menu, select Save.
Select the OIDC Entity tab (1), and open the Facebook record (2).
Fill in the form with the following field/values:
- (1) Client ID: (Use the App ID from your Facebook app)
- (2) Client secret: (Use the App Secret from your Facebook app)
- (3) Redirect URL: https://(yourinstance).service-now.com/fb_redirect.do
Use a new browser, or incognito window and navigate to your instance.
Validate you see the Facebook login button.
Click the button.
Provide your Facebook credentials and click Login.
Click Continue as (username).
If successful, you should have a new user provision after providing Facebook authentication and logged into the instance.
From your original browser window (with admin rights), navigate to All > User Administration > Users and verify the new account was created in sys_user with the proper roles assigned.
Happy user logins!