Log in to a Splunk platform instance in a Connected Experiences app
Register your mobile device or TV using Splunk Secure Gateway to log in to a Splunk platform instance.
Supported authentication methods
Splunk Secure Gateway supports the following authentication methods:
- Security Assertion Markup Language (SAML)
- Mobile Device Management (MDM)
- Lightweight Directory Access Protocol (LDAP)
- local authentication
LDAP and local authentication do not require additional configuration.
Prerequisites
- Download a Connected Experiences app on your device.
- Have an admin opt in to use Splunk Secure Gateway. See Get Started with Splunk Secure Gateway.
- Have an admin enable token authentication. See enable token authentication in the Securing the Splunk Platform manual.
- If you're logging in using a QR code, make sure token authentication is enabled. See Enable or disable token authentication to learn how.
See the following options for how you can log in to a Splunk Platform instance in a Connected Experiences app:
- Log in with an authentication code
- Log in to multiple Splunk platform instances
- Log in if your organization uses an SSO provider
- Log in if your organization uses MDM
- Log in if your organization uses SAML and MDM
- Log in to multiple Splunk platform instances
- Unregister a device
If you run into issues during login, see Troubleshoot Splunk Secure Gateway performance issues in the Administer Splunk Secure Gateway manual.
Log in with a QR code or authentication code using Splunk Secure Gateway
You can log in by scanning the QR code in Splunk Secure Gateway or manually entering the authentication code. Here's how to log in using the authentication code in the Connected Experiences apps.
QR code login requires token authentication to be enabled. See Enable or disable token authentication to learn more.
Scan QR code
If you're using Splunk Mobile, you can log in by scanning a QR code. Only Splunk Mobile supports QR code login. QR code login requires token authentication and you must allow Splunk Mobile to access the camera on your device to scan the QR code.
- Open Splunk Mobile on your device.
- On the Splunk platform instance login screen in Splunk Mobile, tap Open Camera.
- In the Home tab in Splunk Secure Gateway, click + Add New Device.
- Select Splunk Mobile.
- Click Next.
- Click Log in with QR code.
- Scan the QR code.
Enter authentication code
You can log in using the authentication code for any Connected Experiences app.
- In the Home tab in Splunk Secure Gateway, click + Add New Device
- Select the Connected Experiences app that you're using.
- Click Next
- Enter the 10-digit code provided by the Connected Experiences app.
- Click Next.
- Check that the confirmation code matches the confirmation code on the device.
- Log in with your Splunk Enterprise credentials
- Click Confirm to complete registration.
Log in to multiple Splunk instances
You can log in to multiple Splunk platform instances and switch between Splunk platform instances.
- In the Connected Experiences mobile app, navigate to Settings.
- Click Manage instances.
- Click +.
- Enter the provided authentication code in Splunk Secure Gateway.
Log in if your organization uses an SSO provider
If your organization uses SAML authentication, you can log in using your Splunk credentials and the authentication code provided in the Connected Experiences mobile app, or by entering your organization's hostname.
Prerequisites
- Your admin has set up SAML authentication. See Set up SAML authentication for admin set up steps in the Administer Splunk Secure Gateway manual.
Log in with the authentication code
You can use Splunk Secure Gateway to log in to Splunk Cloud Platform or Splunk Enterprise with an SSO provider.
- Log in using the authentication code provided in the Connected Experiences app.
- During registration, you are redirected to your SSO provider.
- Log in and complete the registration steps. See Log in a device with an authentication code using Splunk Secure Gateway.
Log in with a hostname
Before logging in with a hostname, an admin must provide you with a registration QR code or your organization's hostname in the form of https://<splunk-cloud-instance-name>.splunkcloud.com
. For admin steps, see Provide a QR code for SAML authentication device registration with a hostname in the Administer Splunk Secure Gateway manual.
You can only log in to Splunk Cloud Platform instances with a hostname.
- In the Splunk Mobile app login screen, tap SSO.
- Scan the QR code or enter the hostname provided by your admin.
- Tap Sign in with SSO. You're redirected to your organization's IdP.
- Sign in with your SSO credentials.
Log in if your organization uses MDM
If your admin set up Mobile Device Management (MDM) and in-app device registration, you can enter your Splunk login credentials to log in.
MDM allows admins to scale and further secure their Splunk Mobile deployment. To learn more about compatible apps and providers, see About MDM and in-app registration.
If your organization uses both SAML authentication and an MDM provider, see Log in if your organization uses both SAML authentication and an MDM provider
Prerequisites
- Use a MDM-supported app. See About MDM and in-app registration to learn which Connected Experiences apps support MDM.
- Your admin has set up MDM and in-app registration.
For admin MDM setup, see Set up MDM and in-app registration for the Connected Experiences apps.
Log in with an iOS MDM-distributed device
If you're using an iOS device, follow these steps to log in with your MDM-distributed device:
- If you're using an iOS device, log in to your MDM provider website on your device. This installs an MDM profile on your device and redirects you to the App Store or Playstore.
- Download the MDM provider's catalog app.
- In the MDM providers' catalog app, download the Splunk Connected Experiences app.
- In the Splunk Connected Experiences app, tap the Splunk platform instance that you want to log in to.
- Select Local sign on or Single Sign On.
- Enter your Splunk platform instance or SSO credentials to register.
Alternatively, tap Log in with Code to log in using a provided authentication code in Splunk Secure Gateway.
Log in with an Android MDM-distributed device
If you're using an Android device, follow these steps to log in with your MDM-distributed device:
- Download your MDM provider app from the Play Store.
- Log into the MDM provider app with your MDM credentials. This installs an MDM profile on your device.
- Download the Splunk Connected Experiences app from the Play Store.
- Select Local sign on or Single Sign On.
- Enter your Splunk platform instance or SSO credentials to register.
Alternatively, tap Log in with Code to log in using a provided authentication code and Splunk Cloud Gateway, or tap Log in with SSO to log in using SAML authentication with a hostname.
Log in if your organization uses both SAML authentication and an MDM provider
If your organization uses both SAML authentication and an MDM provider, select SSO Sign On and log in with your organization credentials.
Log in to multiple Splunk instances
You can get data from multiple Splunk platform instances on your device when you log in to more than one Splunk platform instances.
- Navigate to Settings > Manage Instances. Or if you're using Splunk Mobile, tap the Secure Gateway ID dropdown arrow.
- Tap the + icon.
- Log in using any authentication method.
To navigate between Splunk platform instances in the Splunk Mobile app, tap the Secure Gateway ID dropdown and select the instance that you want to view data from.
The Secure Gateway ID is randomly generated when you first launch Splunk Secure Gateway. Admins can define this Secure Gateway ID in Administration > Deployment Settings in Splunk Secure Gateway or in the securegateway.conf file so you can quickly identify your Splunk platform instances.
Unregister a device
You can unregister a device in Splunk Secure Gateway or in the Connected Experiences mobile app on the device.
Here's how to unregister a device in Splunk Secure Gateway:
- Navigate the Home tab in Splunk Secure Gateway.
- Next to the device you want to remove, click the trash icon.
Here's how to unregister a device in the Connected Experiences mobile apps:
- Navigate to Settings.
- Tap Manage instances.
- Tap the trash iconnext to the instance you want to unregister from.
- Click Unregister to confirm.
Troubleshoot Splunk Secure Gateway |
This documentation applies to the following versions of Splunk® Secure Gateway: 2.9.1 Cloud only, 2.9.3 Cloud only, 2.9.4 Cloud only, 3.0.9, 3.1.2 Cloud only, 3.2.0 Cloud only, 3.3.0 Cloud only, 3.4.251, 3.5.15 Cloud only
Feedback submitted, thanks!