On your Splunk Search Head you must configure the SAML roles to map to Splunk roles. Click "Settings" - "Access controls" - "Authentication method" - "SAML settings" In the upper right corner, click the "New Group" button. Given the information you provided, name your new group "admin" and then assign it the Splunk role of "admin" Make sure the cookies a cleared before retest. I didn't look at the SAML response close enough to determine if you need to remap an attribute. Provided everything else is good this should work. ... View more