Security

SAML v2.0 support in Splunk

vRob
Engager

With the release of 6.3.0 Splunk supports natively supports SAML 2.0

I've got some questions about some sentences in the document 'About Single Sign-on using SAML'

First question:

it is stated: "Currently, PingIdentity is the only supported identity provider"

Does this mean that any other identity provider cannot be used in combination with Splunk, or does this mean that possible any SAML provider may work but is not tested nor certified by Splunk?

Second question:

In the same document: "Currently SSO with SAML is not supported for off-site configurations." how should this be read?
Does this mean that it is just not supported/possible to use with Splunk Cloud? How about a Splunk Enterprise setup hosted in some public cloud? Aws/Azure etc? Would it be supported there?

Thanks!

esix_splunk
Splunk Employee
Splunk Employee

PingIdentity is the only SAML provider supported in Splunk Cloud at this moment. As we move forward, OKTA, ADFS and a few other providers are going to be added to the out of the box supported list.

That being said, its based on OpenSAML and if your SAML implementation supports the required options, you should be able to integrate it into on premises Splunk.

0 Karma

tshen_splunk
Splunk Employee
Splunk Employee

Hi vRob,

Answer 1: Yes, only PingIdentity is supported, will not work with any other one.
Answer 2: Splunk Enterprise is supported no matter where you host your splunk.

Thanks,
Tim

0 Karma

zhaokun
New Member

I want write an IDP to connection Splunk, but I don't dnow what is Splunk saml need.

0 Karma

tshen_splunk
Splunk Employee
Splunk Employee

Hi Kun,

What do you mean by writing an IDP? Implementing one?
Please refer to this doc about the IDP that Splunk supports in latest release, http://docs.splunk.com/Documentation/Splunk/7.0.0/Security/HowSAMLSSOworks.

Thanks,
Tim

0 Karma

zhaokun
New Member

How I write a IDP to connection Splunk SAML?

0 Karma