SAML Authentication: Stuck on Terms of Service Pag...

sheenay · ‎07-22-2019

Hey All,

I'm setting up SAML authentication in our new Splunk Cloud environment and everything appears to be working with our on-prem home grown identity provider as I'm getting to our authentication source and logging in successfully. However after I do I get presented with the Splunk Cloud terms of service page and appear to get stuck in a loop when I press "Accept" and "Ok", it just takes me back to the same page.

Has anyone run into this with Splunk Cloud and if so how have you been able to fix it?

Thanks!

anonymous777 · ‎06-22-2022

There is nothing worse than a SOLVED question with no public solution.

So here's the likely solution: When sending RelayState back to the sP (Splunk), it must be changed to the base64 form of something like return_to=/en-US/&username=USERNAME&accepted_tos=1 and sent along with the base64 encoded SAMLResponse from the idP.

mydog8it · ‎07-30-2019

Can you log in to Splunk Cloud using splunk auth? If so, take a look at the user account that should be created when the SAML user authenticates. Does the SAML account look correct?

woodcock · ‎07-25-2019

They broke all of their domains last week but it is supposed to be fixed now.

sheenay · ‎07-30-2019

Thanks for the info, unfortunately looks like that wasn't my issue since I'm still hitting the TOC page.

woodcock · ‎07-30-2019

You should open a support case.

SAML Authentication: Stuck on Terms of Service Page

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!