Modify or remove role mappings
When you configure your Splunk deployment to use your SAML authentication system, you can authorize groups on your SAML server to log in by mapping them to Splunk user roles. You can map multiple groups to a single user role.
This topic describes how to remove roles from existing groups or delete groups entirely. To remove and individual user from a SAML group, consult your IdP documentation.
1. In the Settings menu, select Access Controls > Authentication method.
2. Select SAML as your authentication type.
3. Click Configure Splunk to use SAML.
4. To delete an entire group click Delete for the group you wish to remove.
5. On the SAML Groups page, click Edit for a group you want to modify.
6. Specify the roles that you want to remove from this group by moving the desired roles from the right column to the left column.
7. Click Save.
After you configure SAML SSO and map groups to role, you can distribute the login URL to your users.
Map groups on a SAML identity provider to Splunk roles
Configure SAML SSO using configuration files
This documentation applies to the following versions of Splunk Cloud Platform™: 8.2.2109, 8.1.2103, 8.2.2104, 8.2.2105 (latest FedRAMP release), 8.2.2106, 8.2.2107