Learn how to configure SAML SSO with Splunk Cloud and PingFederate.
An error in configuration could cause users and administrators to be unable to sign on to Splunk Cloud.
The following Direct Login link can be used for local authentication: https://<tenant>.splunkcloud.com/en-US/account/login?loginType=splunk.
The following table details the required and optional attributes to be configured in the assertion attribute contract.
Attribute Name | Description | Required / Optional |
---|---|---|
|
Required |
|
|
User role as per SAML Groups. Attribute name is configurable in SAML configuration for application. |
Required |
|
User Email address. Attribute name is configurable in SAML configuration for application. |
Optional |
|
User display name. Attribute name is configurable in SAML configuration for application. |
Optional |
The following table details the references that are used within this guide that are environment specific. Replace these with the suitable value for your environment.
Reference | Description |
---|---|
<tenant> |
The instance name for the Splunk Cloud tenant. |
The following configuration is untested, and is provided as an example. Additional steps might be required.
-
Create a PingFederate SP
connection for Splunk Cloud.
-
Configure the PingFederate
IdP-connection for Splunk
Cloud.
The configuration is complete.