SAML/SSO setting with Azure ID multi tenants

Security

Hello all,

I need to configure SAML/SSO with Splunk but i m having the following issues:

- I have 3 search heads in a cluster (without a load balancer 😕)

=> I can create a dedicated SAML config for each search head and disable the replication of the authentication.conf

- we have many tenants and we have users connecting from the different tenants to Splunk (currently we have multiple LDAP configurations)

=> I understood that Splunk only accepts one IdProvider with SAML, so users from other tenants will not be able to access splunk with SSO.

- ideally, we must have some users connecting with LDAP, but Splunk doesn't allow enabling both LDAP and SAML simultaneously 😕 or it is possible but requires a custom script for that.

Questions:

1- does anyone have worked on a script to enable LDAP and SAML ?

2- Any idea about the best config from Azure ID regarding the multi-tenants and the B2B collaboration?

3- Any advice in general how to better approach this issue? 🙏

Best

Get Updates on the Splunk Community!

SAML/SSO setting with Azure ID multi tenants

authentication

LDAP

SAML

Accelerating Observability as Code with the Splunk AI Assistant

Integrating Splunk Search API and Quarto to Create Reproducible Investigation ...

Congratulations to the 2025-2026 SplunkTrust!

Join the Conversation

SAML/SSO setting with Azure ID multi tenants

authentication

LDAP

SAML

Accelerating Observability as Code with the Splunk AI Assistant

Integrating Splunk Search API and Quarto to Create Reproducible Investigation ...

Congratulations to the 2025-2026 SplunkTrust!