Upgrade instructions for the New York and later Multi-SSO pluginIn New York (NY) and later releases, we are upgrading the Multi-SSO plugin to use the OpenSAML 3 library with the SAML 2 protocol. Changes include modifications to the existing Script includes, Installation Exits, and other related changes. If you are upgrading to the NY release and have done any customizations to these resources, these instructions will guide your upgrade to the updated Multi-SSO plugin. Target Audience Any customer who upgrades to NY or later but Multi-SSO has not been upgraded to the new Multi-SSO plugin. To verify: Navigate to All Properties.Search for the Property by name – 'glide.authenticate.multissov2_feature.enabled' If this property is not found in the instance or the property value is set to false, then it effectively means that you have not upgraded the Multi-SSO plugin. Upgrade Path for the Multi-SSO plugin After the instance upgrade is complete, please review the following instructions before starting MultiSSO plugin upgrade to V2 version: If you have NOT made changes to the Multi-SSO or E-signature Plugin related files(e.g. script includes, installation exits etc), then go directly to the section in the article labeled Steps to Upgrade the Multi-SSO plugin.Note: If there are any PRB fixes done by SNC, those will be taken care of automatically during upgrade. Proceed to Steps to Upgrade the Multi-SSO plugin.How to check for changes:Go to each instanceGo to the Filter NavigatorSearch for "Multi"Go to "Installation Exits" and "Single Sign-On Scripts"Click on the Update Personalized List and add "Updated by"If you only see Admin or maint ....then there have been no changes made and you are good to proceed to the next step.If you have made any changes or customizations to either the Multi-SSO or E-signature plugin related files, then refer to the NY release notes (KB Article) for Out of the Box available customization samples and check if you have done similar customizations. If you find a sample related to your customizations, then apply them exactly as specified in the document. After you apply these changes, go to the section in the article labeled Steps to Upgrade the Multi-SSO plugin. Steps to Upgrade to the NY and later Multi-SSO plugin Create the system property glide.authenticate.multissov2_feature.enabled. Name – glide.authenticate.multissov2_feature.enabledType – true | falseValue – true Navigate to your Identity Provider record, go to the advanced tab and update the Single Sign-On Script to 'MultiSSOv2_SAML2_custom'. Perform a 'Test connection', but do not save the form. If Test Connection is successful: Save the Identity Provider form.On the Multiple Provider SSO Properties page, disable the property Enable multiple provider SSO and save the form.Continue on the Multiple Provider SSO Properties page and enable Enable multiple provider SSO and save the form. Once the Multi-SSO plugin is enabled, the new Installation Exits will be active. Your instance should reflect this: If Test Connection is NOT successful, do not save the form changes and set the property 'glide.authenticate.multissov2_feature.enabled' to 'false' and reach out to Customer Support to upgrade to the newer Multi-SSO plugin. Troubleshooting If you are blocked on your logins after you upgrade the Multi-SSO plugin: Rollback to pre-NewYork Multi-SSO plugin. Update the property value 'glide.authenticate.multissov2_feature.enabled' to 'false'.On the Multiple Provider SSO Properties page, if the property Enable multiple provider SSO is enabled, then disable it and save the form.Continue on the Multiple Provider SSO Properties page and enable and save the Enable multiple provider SSO property. Perform a Test Connection for your active Identity Provider(s). If Test Connection is successful, you have successfully reverted back to the pre-NY Multi-SSO plugin.If Test Connection not successful, then contact ServiceNow Customer Support. Note : Please also check the workaround mentioned in :KB0778460