Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How do I add the "edit_tokens_settings" capability to the Roles capability list?

nicholashartman
New Member
‎07-15-2019 03:09 PM

I need to enable hardware token authentication for Splunk login via LDAP which is configured for smart card/token authentication. While running through the Splunk instructions for enabling token authentication, it indicates that I need to add the "edit_tokens_settings" capability for the admin role which will allow me to enable or disable token authentication. However, that capability is missing from the list under Access Controls>Roles>Admin. Further, the instructions say to go under settings and there should be a 'Tokens' page but that's missing as well. What am I missing? Is there an Add-on that enables this? Are the instructions I'm looking at for soft token authentication and I'm barking up the wrong tree? Any help would be appreciated!

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

horsefez
Motivator
‎07-15-2019 03:49 PM

Hey @nicholashartman,

do you have the chance to edit authorize.conf directly on the server?

https://docs.splunk.com/Documentation/Splunk/7.3.0/Admin/authorizeconf#.5Bcapability::edit_tokens_se...

You can simply add the following settings in your local authorize.conf (If there isn't a local authorize conf yet, make one)

[admin]
edit_tokens_settings = enabled

View solution in original post

Reply
Solved! Jump to solution

nicholashartman
New Member
‎07-15-2019 04:07 PM

Thanks for the reply! I can try that - I don't have access at the moment so I was trying to go the GUI route or see if anyone knew why the options weren't showing.

0 Karma
Reply
Solved! Jump to solution
Solution

horsefez
Motivator
‎07-15-2019 03:49 PM

Hey @nicholashartman,

do you have the chance to edit authorize.conf directly on the server?

https://docs.splunk.com/Documentation/Splunk/7.3.0/Admin/authorizeconf#.5Bcapability::edit_tokens_se...

You can simply add the following settings in your local authorize.conf (If there isn't a local authorize conf yet, make one)

[admin]
edit_tokens_settings = enabled

Reply
Get Updates on the Splunk Community!

Stay Connected: Your Guide to November Tech Talks, Office Hours, and Webinars!

🍂 Fall into November with a fresh lineup of Community Office Hours, Tech Talks, and Webinars we’ve ...

Transform your security operations with Splunk Enterprise Security

Hi Splunk Community, Splunk Platform has set a great foundation for your security operations. With the ...

Splunk Admins and App Developers | Earn a $35 gift card!

Splunk, in collaboration with ESG (Enterprise Strategy Group) by TechTarget, is excited to announce a ...