---
title: Creating a single sign-on connection
description: To allow PingFederate to handle single sign-on (SSO) to ServiceNow, create a service provider (SP) connection.
component: servicenow
page_id: servicenow:setup:pf_servicenow_connector_creating_a_single_sign_on_connection
canonical_url: https://docs.pingidentity.com/integrations/servicenow/setup/pf_servicenow_connector_creating_a_single_sign_on_connection.html
revdate: July 8, 2024
section_ids:
  about-this-task: About this task
  steps: Steps
---

# Creating a single sign-on connection

To allow PingFederate to handle single sign-on (SSO) to ServiceNow, create a service provider (SP) connection.

## About this task

|   |                                                                                                           |
| - | --------------------------------------------------------------------------------------------------------- |
|   | You can follow these steps to create a new SP connection, or you can modify your provisioning connection. |

## Steps

1. In the PingFederate administrator console, configure an SP connection.

   1. On the **Identity Provider** tab, in the **SP Connections** area, click **Create new**.

   2. On the **Connection Template** tab, select **Use a template for this connection**.

   3. In the **Connection Template** list, select **ServiceNow Connector**.

   4. Click **Choose File**, select the `sn-metadata.xml` file that you exported in [Exchanging signing certificates](pf_servicenow_connector_exchanging_signing_certificates.html), and then click **Open**. Click **Next**.

2. On the **Connection Type** tab, select **Browser SSO Profiles**. If you don't want provisioning, clear **Outbound Provisioning**. Click **Next**.

3. On the **Connection Options** tab, click **Next**.

4. On the **General Info** tab, in the **Partner's Entity ID**, **Connection Name**, and **Base URL** fields, change *yourinstance* to your ServiceNow instance name. Click **Next**.

5. On the **Browser SSO** tab, configure browser SSO.

   For a complete guide, see [Configure IdP Browser SSO](https://docs.pingidentity.com/pingfederate/latest/administrators_reference_guide/help_spconnectionconfigtasklet_spbrowserssostate.html) in the PingFederate documentation.

   1. On the **Browser SSO > SAML Profiles** tab, select only **IdP-Initiated SSO** and **SP-Initiated SSO**.

   2. On the **Browser SSO > Protocol Settings > Allowable SAML Bindings** tab, select only **POST** and **Redirect**.

6. On the **Credentials** tab, configure the connection credentials.

   For a complete guide, see [Configuring credentials](https://docs.pingidentity.com/pingfederate/latest/administrators_reference_guide/help_spconnectionconfigtasklet_credentialsstate.html) in the PingFederate documentation.

   1. On the **Credentials > Digital Signature Settings** tab, from the **Signing Certificate** list, select the certificate that you want to use with ServiceNow.

   2. Select **Include the certificate in the signature \<KEYINFO> element**. Click **Done**.

7. On the **Activation and Summary** tab, above the **Summary** section, click the toggle button to enable the connection. Click **Save**.