I am trying to find information in the docs of Splunk on how to setup encryption for the SAML assertions, but so far I haven't found anything, except a vague note saying "SAML does not support encryption". E.g. https://docs.splunk.com/Documentation/Splunk/7.3.0/Security/HowSAMLSSOworks
Does anyone here have some idea? Thanks in advance!
@t_walter - as far as I know it is Splunk that does not support token encryption. I've raised this as a ticket to Splunk Support and they were kind enough to explain to me that this is a missing feature currently and they will probably add it to future releases, but no commitment on exact versions or dates.
fyi: i requested what the state of this feature is:
answer from support:
'.. We do have an Epic for that work( SPL-189015 (https://jira.splunk.com/browse/SPL-189015) for your reference) which is slated for completion in our Cloud release at the beginning of August. There is not yet any release version or date for the on-premise work, and these are of course not fixed dates and subject to change. ..'
we also want to setup Splunk SSO with SAML and we are getting an EncryptedAssertion back from IdP (ADFS), which throws the error "Assertion node not found in SAML Response".
Is there any solution for this, or does Splunk not support encrypted SAML token?
Ok and you are or are not already using HTTPS to make the assertion?
also what is your idp?
Also, are you just wanting to encrypt the assertion itself as discussed here?