I have 4 SH cluster members for which i have to integrate SAML. Our AD team is asking the below information reply URL.
Do i need to give all the 4 url ?
Also do i need to configure the SAML on all 4 SH UI ? please do share your thoughts.
SAML-based Sign-on Attributes Value -
Reply URL (Assertion Consumer Service URL)
I don't have an answer for the Reply URL, but yes, you need to configure SAML on all SHs. Don't use the UI, however, push an app from your deployer.
Perhaps the easiest way is first to configure SAML on your deployer. Then copy the $SPLUNK_HOME/etc/system/local/authentication.conf file to $SPLUNK_HOME/etc/shcluster/apps/org_SAML_auth/default. Use the
splunk apply shcluster-bundle command to send the app to SHC members. After that is done you can turn off SAML on the deployer, if you wish.