https://community.splunk.com/t5/Knowledge-Management/SAML-Assertion-Encryption-for-Splunk/m-p/379415#M4633 <P>Yes! The communication is HTTPS with certificates between the two systems but the token inside is not encrypted.</P> Thu, 11 Jul 2019 09:42:10 GMT vanvan 2019-07-11T09:42:10Z https://community.splunk.com/t5/Knowledge-Management/SAML-Assertion-Encryption-for-Splunk/m-p/379409#M4627 <P>Hi,</P> <P>I am trying to find information in the docs of Splunk on how to setup encryption for the SAML assertions, but so far I haven't found anything, except a vague note saying "SAML does not support encryption". E.g. <A href="https://docs.splunk.com/Documentation/Splunk/7.3.0/Security/HowSAMLSSOworks">https://docs.splunk.com/Documentation/Splunk/7.3.0/Security/HowSAMLSSOworks</A></P> <P>Does anyone here have some idea? Thanks in advance!</P> Fri, 05 Jul 2019 05:55:35 GMT https://community.splunk.com/t5/Knowledge-Management/SAML-Assertion-Encryption-for-Splunk/m-p/379409#M4627 vanvan 2019-07-05T05:55:35Z https://community.splunk.com/t5/Knowledge-Management/SAML-Assertion-Encryption-for-Splunk/m-p/379410#M4628 <P>Can you tell us which step in the image linked below that you're trying to encrypt?</P> <P><A href="https://images.app.goo.gl/HTSBFSyATeACqKrT8">https://images.app.goo.gl/HTSBFSyATeACqKrT8</A></P> Sun, 07 Jul 2019 11:58:03 GMT https://community.splunk.com/t5/Knowledge-Management/SAML-Assertion-Encryption-for-Splunk/m-p/379410#M4628 jkat54 2019-07-07T11:58:03Z https://community.splunk.com/t5/Knowledge-Management/SAML-Assertion-Encryption-for-Splunk/m-p/379411#M4629 <P>Hi,<BR /> Accoring to our SAML specialists we are talking about the "token" in the SAML assertion, which looks lik step #4 from the diagram. </P> Tue, 09 Jul 2019 06:16:53 GMT https://community.splunk.com/t5/Knowledge-Management/SAML-Assertion-Encryption-for-Splunk/m-p/379411#M4629 vanvan 2019-07-09T06:16:53Z https://community.splunk.com/t5/Knowledge-Management/SAML-Assertion-Encryption-for-Splunk/m-p/379412#M4630 <P>Ok and you are or are not already using HTTPS to make the assertion?</P> <P>also what is your idp?</P> <P>Also, are you just wanting to encrypt the assertion itself as discussed here?</P> <P><A href="https://www.componentspace.com/Forums/8819/Is-it-required-to-encrypted-the-Assertion-in-IDP-SSO-Response-What-is-the-benefit-of-encrypting-the-">https://www.componentspace.com/Forums/8819/Is-it-required-to-encrypted-the-Assertion-in-IDP-SSO-Response-What-is-the-benefit-of-encrypting-the-</A></P> Tue, 09 Jul 2019 12:06:48 GMT https://community.splunk.com/t5/Knowledge-Management/SAML-Assertion-Encryption-for-Splunk/m-p/379412#M4630 jkat54 2019-07-09T12:06:48Z https://community.splunk.com/t5/Knowledge-Management/SAML-Assertion-Encryption-for-Splunk/m-p/379413#M4631 <P>Yes, we are using HTTPS.<BR /> We are using Azure AD.<BR /> And yes, we want to encrypt the assertion exactly like in that URL you've provided above.</P> Wed, 10 Jul 2019 06:27:48 GMT https://community.splunk.com/t5/Knowledge-Management/SAML-Assertion-Encryption-for-Splunk/m-p/379413#M4631 vanvan 2019-07-10T06:27:48Z https://community.splunk.com/t5/Knowledge-Management/SAML-Assertion-Encryption-for-Splunk/m-p/379414#M4632 <P>Are you signing the auth request and it still isn't encrypting it?</P> Wed, 10 Jul 2019 14:41:39 GMT https://community.splunk.com/t5/Knowledge-Management/SAML-Assertion-Encryption-for-Splunk/m-p/379414#M4632 jkat54 2019-07-10T14:41:39Z https://community.splunk.com/t5/Knowledge-Management/SAML-Assertion-Encryption-for-Splunk/m-p/379415#M4633 <P>Yes! The communication is HTTPS with certificates between the two systems but the token inside is not encrypted.</P> Thu, 11 Jul 2019 09:42:10 GMT https://community.splunk.com/t5/Knowledge-Management/SAML-Assertion-Encryption-for-Splunk/m-p/379415#M4633 vanvan 2019-07-11T09:42:10Z https://community.splunk.com/t5/Knowledge-Management/SAML-Assertion-Encryption-for-Splunk/m-p/379416#M4634 <P>Hello</P> <P>we also want to setup Splunk SSO with SAML and we are getting an EncryptedAssertion back from IdP (ADFS), which throws the error "Assertion node not found in SAML Response".<BR /> Is there any solution for this, or does Splunk not support encrypted SAML token?</P> Mon, 10 Feb 2020 15:56:08 GMT https://community.splunk.com/t5/Knowledge-Management/SAML-Assertion-Encryption-for-Splunk/m-p/379416#M4634 t_walter 2020-02-10T15:56:08Z https://community.splunk.com/t5/Knowledge-Management/SAML-Assertion-Encryption-for-Splunk/m-p/379417#M4635 <P>@t_walter - as far as I know it is Splunk that does not support token encryption. I've raised this as a ticket to Splunk Support and they were kind enough to explain to me that this is a missing feature currently and they will probably add it to future releases, but no commitment on exact versions or dates.</P> Tue, 11 Feb 2020 06:35:05 GMT https://community.splunk.com/t5/Knowledge-Management/SAML-Assertion-Encryption-for-Splunk/m-p/379417#M4635 vanvan 2020-02-11T06:35:05Z https://community.splunk.com/t5/Knowledge-Management/SAML-Assertion-Encryption-for-Splunk/m-p/508750#M4636 <P>fyi: i requested what the state of this feature is:</P><P>answer from support:</P><P>'.. We do have an Epic for that work( SPL-189015 (<A href="https://jira.splunk.com/browse/SPL-189015" target="_blank">https://jira.splunk.com/browse/SPL-189015</A>) for your reference) which is slated for completion in our Cloud release at the beginning of August. There is not yet any release version or date for the on-premise work, and these are of course not fixed dates and subject to change. ..'</P> Mon, 13 Jul 2020 07:47:15 GMT https://community.splunk.com/t5/Knowledge-Management/SAML-Assertion-Encryption-for-Splunk/m-p/508750#M4636 florianzimm 2020-07-13T07:47:15Z