Splunk Cloud Platform
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Saml response does not contain group information (Okta)

Lien
Explorer
‎06-08-2025 07:53 PM

I am using Okta to configure SAML for splunk.

Following the step of introduction, I created a SAML group in Splunk and same group name in Okta. Made a role mapping. 

https://saml-doc.okta.com/SAML_Docs/How-to-Configure-SAML-2.0-for-Splunk-Cloud.html

When finished the setup, the logon page is through Okta but it got below error message after filled in user email and password in Okta logon page.

Saml response does not contain group information.

Attached the output of saml-tracer addon. 

Did I miss something?

 

 

 

Labels (1)
Labels
Tags (1)
Preview file
147 KB
0 Karma
Reply

Lien
Explorer
‎06-09-2025 04:11 PM

Hi @livehybrid , 

Thank you for your reply. I only created one group. I am using Splunk cloud trial version. Is there any limitation for setting up SSO?

Also another problem is once it shows that error page, I could not logon with local user anymore. It redirect to Okta when I access. Then I lost opportunity to logon Splunk Cloud.

0 Karma
Reply

sainag_splunk
Splunk Employee
Splunk Employee
‎06-09-2025 08:21 PM

@Lien unfortunately, its not supported for the splunkcloud trial version.

https://docs.splunk.com/Documentation/SplunkCloud/latest/Admin/TypesofSplunkClouddeployment

 

 

 

If this Helps, Please Upvote!

If this helps, Upvote!!!!
Together we make the Splunk Community stronger 
Reply

livehybrid
SplunkTrust
SplunkTrust
‎06-09-2025 03:27 AM

Hi @Lien 

I assume your user has been assigned to a relevant group in Okta that is relevant to the Splunk application? 

I have seen an issue before with users who having 100+ groups where the SAML response doesnt send the groups, I wonder if that could be the case here - does your user have a high count of groups in Okta?

I dont know if you have seen this but it may be useful? https://splunk.my.site.com/customer/s/article/SAML-user-unable-to-login

🌟 Did this answer help you? If so, please consider:

  • Adding karma to show it was useful
  • Marking it as the solution if it resolved your issue
  • Commenting if you need any clarification

Your feedback encourages the volunteers in this community to continue contributing

Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey

Can’t make it to .conf25? Join us online!

Watch Global Broadcast
Get Updates on the Splunk Community!

Leveraging Automated Threat Analysis Across the Splunk Ecosystem

Are you leveraging automation to its fullest potential in your threat detection strategy?Our upcoming Security ...

Can’t Make It to Boston? Stream .conf25 and Learn with Haya Husain

Boston may be buzzing this September with Splunk University and .conf25, but you don’t have to pack a bag to ...

Splunk Lantern’s Guide to The Most Popular .conf25 Sessions

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...