Security

Rest call to get list of all apps and join it with SAML groups

avakash1109
New Member

Hi,

I'm using this search to join the apps with their respective SAML group roles

 

| rest /services/authentication/users splunk_server=local 
    | table defaultApp defaultAppSourceRole title roles 
    | rename defaultApp as splunk_app_name defaultAppSourceRole as defaultrole title as User
  | eval splunk_app_name= lower(splunk_app_name)
  | join defaultrole type=outer 
    [| rest /services/admin/SAML-groups 
    | table roles title id 
    | rename roles as defaultrole title as idm_role_name]
    |dedup splunk_app_name,id

 

 

The only issue is I'm not getting all of the apps with this rest call (probably 2/3rd of all apps)

 

 

| rest /services/authentication/users splunk_server=local 

 

 

I've tried using other calls like

  • | rest /services/authorization/roles
  • | rest /services/apps/local

but couldn't join them with SAML REST call

I need help finding a way to show all apps and then merge it with their SAML groups roles

Thank you

Labels (3)
Tags (5)
0 Karma
Get Updates on the Splunk Community!

Accelerate Service Onboarding, Decomposition, Troubleshooting - and more with ITSI’s ...

Accelerate Service Onboarding, Decomposition, Troubleshooting - and more! Faster Time to ValueManaging and ...

New Release | Splunk Enterprise 9.3

Hi Splunky people! We are excited to share the newest updates in Splunk Enterprise 9.3!Admins and Analyst can ...

2024 Splunk Career Impact Survey | Earn a $20 gift card for participating!

Hear ye, hear ye! The time has come again for Splunk's annual Career Impact Survey!  We need your help by ...