Set the audience URL for SAML

  • Freigeben Version: Australia
  • Aktualisiert 12. März 2026
  • 1 Minute Lesedauer

    • Enable your instance to verify that it is the intended recipient of a SAML response by using the Audience property.

    Vorbereitungen

    Role required: sso_config_admin, business_rule_admin, script_include_admin

    Warum und wann dieser Vorgang ausgeführt wird

    The integration verifies that each SAML response contains the same URL listed in this system property as the URL listed in the Audience element. For example:
    <samlp:Responsexmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"  ID="s2cdc74f37f923e26fe1aeec42b70a93d24230334f"  InResponseTo="90AA6073F01567BFB0DF194F596314E2"  Version="2.0"  IssueInstant="2010-04-29T23:21:51Z"  Destination="https://dloomac.service-now.com/navpage.do">
...
<saml:Conditions NotBefore="2012-01-30T19:57:10Z"  NotOnOrAfter="2012-01-30T20:17:10Z"><saml:AudienceRestriction><saml:Audience>https://demoi2.service-now.com</saml:Audience></saml:AudienceRestriction></saml:Conditions>
...
</samlp:Response>

    Prozedur

    1. Navigate to All > SAML 2 Single Sign-on > Properties.
    2. In the property The audience uri that accepts SAML2 token. (Normally, it is your instance URI. For example: https://<instance name>.service-now.com.), enter the URL of your instance.
      For example, https://demoi2.service-now.com. This URL must match the value of the Audience element in the SAML Response.
    3. Click Update.