cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
isplunktoo
New Member
Member since: ‎01-08-2024
‎01-08-2024
Community Statistics
Posts 1
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎01-08-2024
View All

Enable Username/Password Authentication With SSO

by in Splunk Enterprise
‎01-08-2024 05:58 AM
‎01-08-2024 05:58 AM
  Hi, my employer uses Splunk Enterprise v9.1.2 which is running On-Prem. We have recently enabled SSO with Azure. After enabling SSO we noticed that authentication to the REST API no longer worked with PAT tokens or username/password authentication methods. I created an Authentication Extension script using the example SAML_script_azure.py script. I implemented the getUserInfo() function which has allowed users to authenticate to the REST API and CLI commands with PAT tokens. However, I have been unable to make username/password authentication work with the REST API or CLI since I enabled SSO. I tried adding a login() function to my Authentication Extension script but it does not work. The option for "Allow Token Based Authentication Only" is set to false. The login() function is not called when a user sends a request to API with username/password like this example:         curl --location 'https://mysplunkserver.company.com:8089/services/search/jobs?output_mode=json' --header 'Content-Type: text/plain' --data search="search index=main | head 1 " -u me         These are the documentation pages I have been referencing: https://docs.splunk.com/Documentation/Splunk/9.1.2/Security/ConfigureauthextensionsforSAMLtokens  https://docs.splunk.com/Documentation/Splunk/9.1.2/Security/Createtheauthenticationscript    It is possible to use username/password for API and CLI authentication with SSO enabled? ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎01-08-2024 03:12 PM