Would it possible to report on which users are logging into ServiceNow via SSO and which users are logging into ServiceNow via entering username/password? - Support and Troubleshooting

Would it possible to report on which users are logging into ServiceNow via SSO and which users are logging into ServiceNow via entering username/password? Description Would it possible to report on which users are logging into ServiceNow via SSO and which users are logging into ServiceNow via entering username/password?

Release or Environment All

Instructions When a user login via SSO, the platform generates an event "external.authentication.succeeded" and also one "login" event at the same time, so by using the login event we update the user's last logged-in date and time

the only way to check if the user logged in using SSO or Basic auth is if there is only a login event and no "external.authentication.succeeded" at the same time, apart from this as of now there is no other alternative to check how the user base is logged into the Instance

NOTE: Events will be available only for 5 days

To disable the local login, please use the Account recovery plugin which will disable all local logins and only allow users with certain roles to login locally when there is an SSO outage

more about ACR: https://docs.servicenow.com/bundle/rome-platform-security/page/integrate/single-sign-on/concept/sso-acct-recovery.html