Hi,
I have enabled SSO authentication for my splunk instance. However, I am still able to login as local user with en-US/account/login?loginType=splunk option. Is there an option to disable this bypassing to tighten security?
You can not disable local authentication, but you can prevent it from working.
Bear in mind that you can luse dap from the cli, but not SAML.
Note any OS user with appropriate perms can perform steps 1-2 to regain access
Is there anyway we can turn the login page blank or something ?
no. I dont belive so.