Splunk Enterprise

Configuring SAML via .conf files only - can it be done?

kozanic_mg
Explorer

We are deploying SHC into AWS via  pipeline code and attempting to configure SAML integration as part of the build but having some issues.

When I check using btool, all the saml details are correct, but if I check details via the GUI - nothing is populated and when I attempt to use SAML to login - I get errors about blank content being passed.

If I update the GUI as well - then things seem to work - but this is not something we want to do every time we do a new build.

Just wondering if anyone else out there has come across this and worked something out?

Labels (2)
0 Karma
1 Solution

kozanic_mg
Explorer

So... worked out that I was missing IDP cert change within my new build, once added everything just started working and all SAML settings available within GUI as well.

View solution in original post

0 Karma

kozanic_mg
Explorer

So... worked out that I was missing IDP cert change within my new build, once added everything just started working and all SAML settings available within GUI as well.

0 Karma

kozanic_mg
Explorer

After a weekend to clear the brain - I have found this which indicates that config can be done via .conf files: 
https://docs.splunk.com/Documentation/Splunk/8.1.3/Security/ConfigureSAMLSSO

Now I just have to figure out why it's not working in my environment and why the settings I have configured via files are not showing in the GUI

0 Karma
Get Updates on the Splunk Community!

Maximize the Value from Microsoft Defender with Splunk

<P style=" text-align: center; "><span class="lia-inline-image-display-wrapper lia-image-align-center" ...

This Week's Community Digest - Splunk Community Happenings [6.27.22]

<FONT size="5"><FONT size="5" color="#FF00FF">Get the latest news and updates from the Splunk Community ...