Enable users on Splunk intelligence Management using Okta
install and configure the Okta app to provide secure and reliable single sign-on (SSO) access to the Splunk Intelligence Management web app. The Okta app uses the SAML 2.0 standard to enable single sign-on (SSO). For more information on SAML, see Okta's SAML documentation.
Okta SSO does not impact or change API credentials. Usage of Python SDK or any other vendor integrations remain unimpacted when you switch a user from non SSO to SSO-enabled login credentials.
When using the Okta app for SSO, the Okta app is the identity provider (IDP) and the Splunk Intelligence Management app is the service provider (SP).
You must be an Okta administrator to enable users on Splunk intelligence Management using Okta.
Follow these steps to set up Splunk intelligence Management with Okta:
- Install the Splunk Intelligence Management app for Okta.
The Splunk intelligence Management app for Okta is different from the Splunk intelligence Management web app.
- Enable users in Okta.
- Enable Okta single sign on in Splunk Intelligence Management web app.
Install the Splunk Intelligence Management app for Okta
Perform the following steps to install the Splunk Intelligence Management app in Okta:
- Log in to your Okta instance as an administrator.
- Click the Add Apps button to start the process to download and install the Splunk Intelligence Management app.
- Search for Splunk Intelligence Management in the Search bar.
- Click Add on the Splunk Intelligence Management popup.
If you are not in the administrator mode, change the mode by clicking Admin at the top of the Okta window.
- Click Applications tab.
- Click the link for the Splunk Intelligence Management app.
- Click the Sign On tab in the menu bar.
- Click the Identity Provider metadata link.
Clicking the Identity Provider metadata link downloads a metadata file.
- Contact Splunk Intelligence Management support to request activation.
Specify the following information in the email:
- Subject line format: <Your company name> - Okta metadata. For example:
ABC Co - Okta metadata
- Body of email: Link to the metadata file. For example: https://dev-xxxxxx.oktapreview.com/app/xxxxx/sso/saml/metadata
Splunk Intelligence Management enables your Okta SSO configuration within two weeks of receiving the email. After you receive a confirmation, you can enable users in Okta.
Enable users in Okta
Perform the following tasks to enable users in Okta:
- Log in to Okta as an administrator.
- Click Directory in the menu bar.
- Click People on the dropdown menu.
If the user exists, click their name and assign the user to the Splunk Intelligence Management app. If the user doesn't exist, create a new user. A new user's Okta username must be the same email address that they plan to use to log in to the Splunk Intelligence Management web app.
Enable Okta single sign on in Splunk Intelligence Management web app
Users must have an account with the Splunk Intelligence Management web app before you can enable SSO for them.
- Log in to the Splunk Intelligence Management web app using a company administrator account.
- On the User Account Management page, enter the link
https://station.trustar.co/settings/usersto your browser. Alternatively, you can click User Settings in the Navigation Bar and select Settings from the dropdown menu.
- For each user that you want to enable, click Edit.
- Click SSO Enabled.
- Click Save User.
- Repeat the steps for each user in your company that you want to enable with Okta SSO.
- Verify that all users can see a tile for Splunk Intelligence Management when they log into their Okta account after they complete all the configuration steps. Users can click the Splunk Intelligence Management tile to log in to the Splunk Intelligence Management web app.
Refine intelligence reports and indicators in Splunk Intelligence Management
Enable users on Splunk Intelligence Management using Ping Identity
This documentation applies to the following versions of Splunk® Intelligence Management (Legacy): current