Hi Experts,
The documentation indicates that Splunk Cloud supports encrypted assertions with SAML SSO:
https://docs.splunk.com/Documentation/SplunkCloud/8.2.2202/Security/HowSAMLSSOworks
"Configure automatic decryption of SAML assertions from an IdP"
However, the instructions for obtaining the Splunk instance's encryption certificate appear to be for Splunk Enterprise installs, not for Splunk Cloud. For example, "On your Splunk platform instance, change to the $SPLUNK_HOME/etc/auth directory."
A little help?
Hi Akermaier,
Were you able to configure SAML assertion decryption in Splunk Cloud ?
We are trying to configure the same and got the publicKey.crt file from Splunk support but facing an error while configuring with idp team, error is mentioned below:
Verification of SAML assertion using the IDP's certificate provided failed. Error: start node xmlSecNodeSignature not found in document
have you seen this issue if you have configured saml assertion decryption, if yes, how is it resolved ?
Thanks