We are using Google Suite based SAML app to setup SSO with Splunk Cloud.
As per https://www.youtube.com/watch?v=joMR8AbEQ20, the setup currently requires that each user is assigned 'role' metadata so that Splunk can provide the user with correct permissions.
Is there a way to avoid setting the 'role' field for a Google Apps user and have Splunk provide 'user' permissions by default?
3 years later, I have same question 🙂