![]() ![]() For instance, the first arrow in the table below indicates that you copy the content from the indicated field on CyberArk Identity the Identity Administration portal and paste it into the corresponding field in the Splunk website The red arrows in the table below indicate the direction of the copy and paste operation between the two windows. On the SAML groups page, click SAML Configuration.Ĭonfigure the following General Settings in the Splunk application. Select SAML as your External Authentication Method. In the Splunk server browser window, go to the Settings menu and select Access Controls > Authentication method. It is helpful to open the Splunk web application and the Identity Administration portal Application Settings window simultaneously to copy and paste settings between the two browser windows. Add the Splunk App in the Identity Administration portal In this case you must follow the steps explained in this Splunk forum answer: Leaf > Intermediate > Root and you provide the Leaf certificate to Splunk, Splunk will fail to validate the SAML response. If you have more than two certificates in chain, e.g. If you use that certificate for your application, you must provide the CyberArk CA certificate (the root certificate from the CyberArk tenant certificate in Splunk) for the Splunk application to correctly verify the signature. If you use CyberArk Identity tenant certificate for your application and you provide that certificate to Splunk, the application will fail to validate the SAML response. pem file to the web application.Ĭurrently Splunk does not support certificate chaining and the certificate provided to Splunk must be publicly verifiable.ĬyberArk Identity tenant certificate contains two certificates in chain. p12 file to the application settings in the Identity Administration portal, and upload the public key certificate in a. ![]() If you use your own certificate, upload the signing certificate and its private key in a. You can either download one from the Identity Administration portal or use your organization’s trusted certificate. This permission level lets you enable SAML and edit authentication settings on the Splunk search head.Ī signed certificate in both the Splunk web application and the Identity Administration portal. Splunk SSO Requirementsīefore you configure the Splunk web application for SSO, you need the following:Ī registered CyberArk Identity account and at least one CyberArk Identity Connector installed on a Windows computer (if you use only CyberArk Identity directory as your identity store, you do not need to install the CyberArk Identity Connector).Īn active Splunk Enterprise account with administrator rights for your organization.ĬyberArk or your Active Directory configured to provide the role, realName, and mail attributes for the SSO user.Īn admin role with change authentication capability. If you are not using this version, your interface may differ from the descriptions in this document. This document is written for Splunk On-Premise 6.4.0.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |