Splunk Enterprise version 6.x is no longer supported as of October 23, 2019. See the Splunk Software Support Policy for details. For information about upgrading to a supported version, see How to upgrade Splunk Enterprise.
This documentation does not apply to the most recent version of Splunk.
Click here for the latest version.
Download topic as PDF
Configure single sign-on with SAML
You can configure Splunk software to use SAML authentication for single sign-on (SSO), using information provided by your supported identity provider (IdP).
Caution: Before you attempt to configure SSO in Splunk Cloud, contact Splunk Support and open a ticket requesting them to prepare your cloud deployment for SSO. When they have configured your deployment, they will notify you and provide the certificate required.
Prerequisites
- Either:
- A running version of Splunk software OR
- A managed deployment of Splunk Cloud. Self-service deployments of Splunk Cloud log in through the Splunk customer portal and cannot independently configure SAML SSO.
- An identity provider configured to provide the
role,realName, andmailattributes. The supported identity providers are:- Ping Identity
- Okta
- Azure AD
- AD FS
- An admin role with the
change_authenticationcapability. This permission level lets you enable SAML and edit authentication settings on the Splunk search head.
1. Configure SAML SSO with:
Last modified on 29 August, 2016
|
PREVIOUS Best practice for removing an LDAP user |
NEXT Configure SSO with PingIdentity as your identity provider |
This documentation applies to the following versions of Splunk® Enterprise: 6.4.0, 6.4.1, 6.4.2, 6.4.3, 6.4.4, 6.4.5, 6.4.6, 6.4.7, 6.4.8, 6.4.9, 6.4.10, 6.4.11
Feedback submitted, thanks!