Splunk SOAR (f.k.a. Phantom)

Splunk HTTP app failing to authenticate w/ OAuth

knot9
Observer

I'm configuring the SOAR/Phantom app - Splunk HTTP. I've set it up to use OAuth, provided the authentication URL and the clientID & secret. When I test connectivity it says the action failed with: "1 action failed Error fetching token from https://api.domain/oauth2/token. Server returned 201". The thing is the API is supposed to return a 201 when the authentication succeeds. 

Is there a place to edit the app to allow a 201 response as a successful request? 

Labels (2)
0 Karma
*NEW* Splunk Love Promo!
Snag a $25 Visa Gift Card for Giving Your Review!

It's another Splunk Love Special! For a limited time, you can review one of our select Splunk products through Gartner Peer Insights and receive a $25 Visa gift card!

Review:





Or Learn More in Our Blog >>