Why don't you just configure vRA with the groups that need to login there only? It sounds like you're using the ITSM plug-in or something else. So is ADFS in the mix?
We are currently using ADFS. The problem is that upon logging into SNOW via ADFS, all sessions are redirected temporarily to vRA. This adds between 3 and 15 seconds to the logon process and is unnecessary for the vast majority of our users. We would like to know if it is possible to limit the redirection to a specific set of groups.
vRA is properly configured and the redirected users would not be granted access if they did not hold appropriate privilege. If I login with a user that doesn't hold privilege, it seems to force a logout action. The user is then stuck in a loop and cannot get to SNOW.
Our TAM was able to get an answer from the product team. Please see below:
Users with VRA_USER role in ServiceNow will only be redirected to VRA. If this role is not assigned to the ServiceNow user then they will be not having access to VRA catalogue item