BIG-IP as IDP for Service-now instance

Does anybody successfully configure and test BIG-IP APM as IdP for service-now instance? Idp-initiated connection is working fine . If the user is authenticated, it will be redirect to the webtop. From there, the user can click on the link of the webtop resource (that is configured with SSO with service-now instance Service Provider (SP)) and All this work perfect

 

VPE Logon -------------AD Auth ---------------Advanced Resource assign -------------Allow Advanced Resource assign -------------- SAML Resource - Idp service for Service-now + Full webtop

 

But Sdp-initiated connection is failing. SdP URL : https://XXXXXdev.service-now.com After authenticating, the redirect page will not go anywhere and display "Connection was reset"

 

https://apm.XXXXX.com/saml/idp/profile/redirectorpost/sso?SAMLRequest=lVJBbtswEPyKwLtEiVKSmrAMKDaCGkhSIXZz6I0mVwkBilS5lJL%2BvjLtIumhCXrlzs7MznCJojds4M0Ynu0D%2FBwBQ%2FLaG4v8NKnJ6C13AjVyK3pAHiTfNXe3nGU5H7wLTjpDkgYRfNDOrp3FsQe%2FAz9pCd8fbmvyHMKAnFLohfAKpgxPw9S6l0y6nloxDeIJMuVIspktaCuOXG%2BbYuizuB3hR2tUq4HO%2Bp02QD0o7UEG5weHgSLOPDfOS4h31aQTBoEk201NdvfrhZKHfHHoyqqCksnDRZdXnRBXjF2J6uKynIHYCkQ9wdsq4ghbi0HYUBOWF1Va5Cn7si9KXlacsWzBLn%2BQpD0ncq2t0vbp4%2FgOJxDyr%2Ft9m7bfdvtIMGkF%2Fn5G%2F2dyj%2BAxpjZzk9UyFsijcf%2B%2B0489iT9FktVn4kv6XuIsOPCj8%2B2mdUbLX0ljjHtZexBhvib4EWIxvQj%2FdlFkRXzRKu0ilM8GtGmU8oBI6Oqs%2B%2FevXf0G&RelayState=https%3a%2f%2fXXXXXdev.service-now.com%2fnavpage.do&SigAlg=http%3a%2f%2fwww.w3.org%2f2000%2f09%2fxmldsig%23rsa-sha1&Signature=nA%2bXhUnwa%2fIiMMqR8aMOokIOXAVp9KziVj0YTxTBTVs7ic8x6pQt03TJ5G1hpd1B2qYliQ6aJ8ouUUzTTFnAtKGuBpHTIerYt%2byjqWloRRt%2fq04nYDh3Mhf8JHVtE3cSjtHmSpbJDnRCOzfgM%2fj48yIfxYmQi%2fVkVe3ifyJ7nwY%3d DECODED SAML REQUEST https://XXXXXdev.service-now.com

 

do you have any idea - what I need to check to resolve this issue?

 

Appreciate your feedback.

 

Regards Thasin