Security

How do I add the "edit_tokens_settings" capability to the Roles capability list?

nicholashartman
New Member

I need to enable hardware token authentication for Splunk login via LDAP which is configured for smart card/token authentication. While running through the Splunk instructions for enabling token authentication, it indicates that I need to add the "edit_tokens_settings" capability for the admin role which will allow me to enable or disable token authentication. However, that capability is missing from the list under Access Controls>Roles>Admin. Further, the instructions say to go under settings and there should be a 'Tokens' page but that's missing as well. What am I missing? Is there an Add-on that enables this? Are the instructions I'm looking at for soft token authentication and I'm barking up the wrong tree? Any help would be appreciated!

0 Karma
1 Solution

pyro_wood
SplunkTrust
SplunkTrust

Hey @nicholashartman,

do you have the chance to edit authorize.conf directly on the server?

https://docs.splunk.com/Documentation/Splunk/7.3.0/Admin/authorizeconf#.5Bcapability::edit_tokens_se...

You can simply add the following settings in your local authorize.conf (If there isn't a local authorize conf yet, make one)

[admin]
edit_tokens_settings = enabled

View solution in original post

nicholashartman
New Member

Thanks for the reply! I can try that - I don't have access at the moment so I was trying to go the GUI route or see if anyone knew why the options weren't showing.

0 Karma

pyro_wood
SplunkTrust
SplunkTrust

Hey @nicholashartman,

do you have the chance to edit authorize.conf directly on the server?

https://docs.splunk.com/Documentation/Splunk/7.3.0/Admin/authorizeconf#.5Bcapability::edit_tokens_se...

You can simply add the following settings in your local authorize.conf (If there isn't a local authorize conf yet, make one)

[admin]
edit_tokens_settings = enabled

View solution in original post