Splunk Cloud Platform
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Cannot create Private Locations via API because org access tokens cannot receive enough of permissions

jiriwetter
Observer
‎12-09-2025 01:29 AM

We are unable to create Private Locations in Splunk Observability Cloud using the documented API endpoint: POST /v2/synthetics/locations

Although my user account has the admin role in the organization, organization access tokens cannot be assigned the admin role. The UI allows selecting only these roles:

  • power

  • read_only

  • usage

According to the documentation, these are the only roles available when creating org-tokens with API scope.
Reference: https://help.splunk.com/en/splunk-observability-cloud/administer/authentication-and-security/authent...

However, the ability to manage Private Locations via API ?requires? admin-level permissions, which are not included in the power/read_only/usage roles. Therefore, the API call fails due to insufficient permissions, even though the user who created the token is an administrator.

User-role documentation: https://help.splunk.com/en/splunk-observability-cloud/administer/user-and-team-management/manage-rol...

We would like to clarify:

  1. Whether creating Private Locations using organization access tokens is officially supported.

  2. If yes, how we can assign the necessary admin-level permissions to the token.

  3. If not supported, whether this is an intended product limitation and whether support for this use case is planned.

  4. Whether the recommended workaround is to rely on short-lived user session tokens instead.

This behavior prevents the automation of Private Location provisioning, even though the API endpoint is documented and intended for such use.

Labels (1)
Labels
0 Karma
Reply

jiriwetter
Observer
‎12-09-2025 05:29 AM

@livehybrid That's my mistake. I fixed it - the correct path is /v2/synthetics/locations. However, this does not change anything in the assignment.

curl -X POST "https://api.eu1.signalfx.com/v2/synthetics/locations" -H "Content-Type: application/json" -H "X-SF-TOKEN: **********" -d '{"location":{"id":"private-data-center","label":"Data Center"}}'
{"errors":["Not Authorized"]}

The token has all the available roles listed in the documentation above.

Edit: I just want to add that listing the existing ones works. So the token itself is fine, at least for this operation.

0 Karma
Reply

livehybrid
SplunkTrust
SplunkTrust
‎12-09-2025 02:32 AM

Hi @jiriwetter 

Where did you find the url /v2/private-locations ?  Can you confirm that you are talking about Splunk Synthetic private location?

From what I understand, you need to first create the private location if not done so already:

curl -X POST "https://api.{REALM}.signalfx.com/v2/synthetics/locations" \
    -H "Content-Type: application/json" \
    -H "X-SF-TOKEN: <value>" \
    -d '{
            "location": {
                "id": "private-data-center",
                "label": "Data Center"
            }
        }'

You would then request a runner token for that location:

curl -X POST "https://api.{REALM}.signalfx.com/v2/synthetics/locations/{location_id}/runner_tokens" \
    -H "Content-Type: application/json" \
    -H "X-SF-TOKEN: <value>"

You would then use the token received to create you private location runner: https://help.splunk.com/en/splunk-observability-cloud/monitor-end-user-experience/synthetic-monitori...

🌟 Did this answer help you? If so, please consider:

  • Adding karma to show it was useful
  • Marking it as the solution if it resolved your issue
  • Commenting if you need any clarification

Your feedback encourages the volunteers in this community to continue contributing

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Observability Simplified: Combining User Experience, Application Performance & ...

Tech Talk Observability Simplified: Combining User Experience, Application Performance & Network ...

Event Series May & June: From Network Visibility to Service Intelligence

Unifying the Network: Moving from Alert Noise to Service Intelligence with Splunk ITSI In today’s hybrid ...

Global Splunk User Group Events: May + June 2026

Your Splunk Community Awaits: Discover Upcoming User Group Events Worldwide    Staying ahead in the fast-paced ...