Splunk Enterprise

Enable Username/Password Authentication With SSO

isplunktoo
New Member

 

Hi,

my employer uses Splunk Enterprise v9.1.2 which is running On-Prem. We have recently enabled SSO with Azure.

After enabling SSO we noticed that authentication to the REST API no longer worked with PAT tokens or username/password authentication methods.

I created an Authentication Extension script using the example SAML_script_azure.py script. I implemented the getUserInfo() function which has allowed users to authenticate to the REST API and CLI commands with PAT tokens.

However, I have been unable to make username/password authentication work with the REST API or CLI since I enabled SSO. I tried adding a login() function to my Authentication Extension script but it does not work. The option for "Allow Token Based Authentication Only" is set to false. The login() function is not called when a user sends a request to API with username/password like this example:

 

 

 

 

curl --location 'https://mysplunkserver.company.com:8089/services/search/jobs?output_mode=json' --header 'Content-Type: text/plain'  --data search="search index=main | head 1 " -u me

 

 

 

 

These are the documentation pages I have been referencing:

https://docs.splunk.com/Documentation/Splunk/9.1.2/Security/ConfigureauthextensionsforSAMLtokens 

https://docs.splunk.com/Documentation/Splunk/9.1.2/Security/Createtheauthenticationscript 

 

It is possible to use username/password for API and CLI authentication with SSO enabled?

Labels (2)
0 Karma
Get Updates on the Splunk Community!

New in Observability - Improvements to Custom Metrics SLOs, Log Observer Connect & ...

The latest enhancements to the Splunk observability portfolio deliver improved SLO management accuracy, better ...

Improve Data Pipelines Using Splunk Data Management

  Register Now   This Tech Talk will explore the pipeline management offerings Edge Processor and Ingest ...

3-2-1 Go! How Fast Can You Debug Microservices with Observability Cloud?

Register Join this Tech Talk to learn how unique features like Service Centric Views, Tag Spotlight, and ...