SHA-256 support for Single Sign OnDescriptionHow to configure your Identity Provider to use SHA-256 instead of the default SHA-1 algorithm Release or EnvironmentAll releasesInstructionsEnable the SAML 2.0 Keystore_Key2048_SHA256 SHA-256 keystore under x509 Certificate within the Multi-Provider SSO menu. https://<instance-name>.service-now.com/nav_to.do?uri=sys_certificate.do?sys_id=3685fc22930212003c5537ae867ffb9 Set the system property glide.authenticate.sso.saml2.keystore to the sys_id of that SHA-256 keystore, to set it as the default keystore for signing identity provider SAML requests. https://<instance-name>.service-now.com/nav_to.do?uri=sys_properties.do?sys_id=b4c45688db8bff4044a6413b3a9619e2ther On the Identity Provider record- - Set the Identity Provider's SingleLogoutRequest field. For ex) if you are using ADFS- https://<adfs.url.com>/adfs/ls where <adfs.url.com> - Set the credentials for the Signing/Encryption Key Alias and Signing/Encryption Key Alias on the identity provider record in ServiceNow. Default value for each is: saml2sp - Set the Signing Signature Algorithm to be the SHA-256 specification which is http://www.w3.org/2001/04/xmldsig-more#rsa-sha256. Please double check that SHA-256 is also set on the Relaying Party Trust on the IdP side - Tick the Sign AuthnRequest - Once all this is set, use the Generate Metadata button in ServiceNow for the identity provider, to generate the XML for importing into the IdP