From a customer: 

we have VRA 7.2 + ServiceNow (H release) configured on separate domains.   We have our corporate ADFS solution providing PasswordProtectedTransport between VRA and the ADFS solution.   SNOW is configured to use the same ADFS solution.   When we turn on the SNOW-->VRA7.2 plugin, SNOW forwards users through VRA for authentication, resulting in an OAuth error when network access is allowed to the user, and a timeout when not. 

We need for users to not go through VRA in the first place, the point of ADFS is so we can have a centralized trust for authentication, while allowing 3rd party apps to provide their own repository of groups, roles, etc.  The benefit we were hoping to get out of the VRA plugin for SNOW is to allow the creation of VRA requests from ServiceNow, without requiring network access to the VRA server itself in the first place (ServiceNow uses Mid servers to allow this to work).

We can get through the instructions to the point where we start running the scripts, but they all fail with:

REST call error found inside VRASNAuthGenerator.generateAuthCode: Method failed: (/identity/api/tokens) with code: 400