Security

Splunk with SAML authentication

splunkgk
Path Finder

Hi,

I am configuring Splunk access control with SAML onelogin and I have uploaded the onelogin IdP meta data file to splunk. After configuration splunk app is redirecting to onelogin login page. But getting a message like

"Federation Exception: Missing Assertion Consumer Service URL. Please contact your administrator."
Does any one know how do i get Consumer URL for splunk ?

-thanks

Tags (1)

aaron_gibby
Engager

Is the AuthNRequest signed? For some reason, Splunk does not include the ACS URL in unsigned assertions.

In your authentication.conf file, set the following attribute:

[<saml-authSettings-key>]
signAuthnRequest = true

 

0 Karma

suarezry
Builder

It's in your splunk SP metadata:
https://yoursplunk.yourfqdn.ca:8000/saml/spmetadata

Look for the following tag:

<md:AssertionConsumerService  Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"  Location="https://yoursplunk.yourdomain.ca/saml/acs"  index="0">
Get Updates on the Splunk Community!

Security Highlights: September 2022 Newsletter

 September 2022 The Splunk App for Fraud Analytics (SFA) is now Splunk SupportedUse your existing Splunk ...

Platform Highlights | September 2022 Newsletter

 September 2022 What’s New in 9.0 and How to UpgradeGet a walk through of what is new Splunk Enterprise 9.0 ...

Observability Highlights | September 2022 Newsletter

 September 2022 Splunk Observability SuiteAccess to "Classic" SignalFx Interface Will be Removed on Sept 30, ...