Splunk SOAR
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk Phantom SAML SAML2 authentication error Signature missing for response

eugeneAq
Engager
‎06-14-2021 06:25 PM

We were configuring our phantom instance for saml sso login and we are encountering the following error.

SAML2 authentication error

Signature missing for response

We have already configured every field here.
Are we missing anything? Would we need to configure the idp chains or certficates.

0 Karma
Reply

ramanpuri2510
Loves-to-Learn Lots
‎08-12-2021 08:57 PM

Hi I am doing OKTA SAML integration with Phantom and getting the below error.

SAML2 Authentication Error'NoneType' object has no attribute 'require_signature

Can i know if any option to make the AuthnRequestsSigned="true to false? or any other suggestions.. I have tried disabling the signing on both okta and phantom

0 Karma
Reply

sam_splunk
Splunk Employee
Splunk Employee
‎06-16-2021 09:58 AM

It sounds like your IdP is not signing the assertion.  You'll want to want to ensure that is occuring. You can install a browser plugin like SAML-TRACER  to view the assertions as they make their way to Phantom to ensure the signature is present. 

While it may not be your IDP - https://github.com/phantomcyber/phantom-community-projects/blob/master/Questions/SSO/SAML/PingFedera... has some details of setting up SSO with SAML (that doc is PingFederate specifically).

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Observability for AI

Don’t miss out on an exciting Tech Talk on Splunk Observability for AI!Discover how Splunk’s agentic AI ...

Splunk Enterprise Security 8.x: The Essential Upgrade for Threat Detection, ...

Watch On Demand the Tech Talk, and empower your SOC to reach new heights! Duration: 1 hour  Prepare to ...

Splunk Observability as Code: From Zero to Dashboard

For the details on what Self-Service Observability and Observability as Code is, we have some awesome content ...