Hi.
I'm using Splunk Enterprise 9.0.4 on-Prem.
The Search head has been set up with AzureAD as IdP and normal user login functions as expected.
I tried to connect the Splunk Mobile App to my search head, but it complains that "SAML needs to be set up for Connected Experiences before devices can be registered", so I log on as administrator, and navigate to "SAML Configuration" in Splunk Secure Gateway. Here it states, that I need to connect to a SAML IdP, and when I look at Okta or Azure it states this: "To use Okta or Azure, use a provided authentication script to establish a persistent connection."
Now it seems that there should be a provided script, that I can use in my SAML configuration, I just can't find anywhere, where it states wich script it is.
Hopefully someone is less blind than me, and can point me in the right direction.
Kind regards
/las
This was solved with the help of PS.
On the Application API in AzureAD add the User.read.All of type Application to the configured permissions.
Remember to add all the users that needs to access Splunk to the Enterprise Application
This was solved with the help of PS.
On the Application API in AzureAD add the User.read.All of type Application to the configured permissions.
Remember to add all the users that needs to access Splunk to the Enterprise Application