KyryloK.14961 (Customer) asked a question.
Hello. I try to configure SSO authentication to Splunk Enterprise. During using the next instruction
https://saml-doc.okta.com/SAML_Docs/How-to-Configure-SAML-2.0-for-Splunk-Enterprise.html, I have configured "Splunk Enterprise" application, but get an error "Saml response does not contain group information". After that I checked requests by SAML-tracer and saw next, in "SAML 2.0 AttributeStatement" there is no "Role" attribute (as you can see on picture).
.
The "Role" attribute Splunk needed to allow access by Group Mapping. In the instruction at Notes saids that attributes need to be three: mail, realName, role.
But I can't find any way to add attribute and map it to user group (in "Splunk Enterprise" application on OKTA).
I have solved the problem by "Alias Role" but it's a problem to create group mapping for
Hello @KyryloK.14961 (Customer) Thank you for reacting out to our Community!
In the SAML doc, you need to follow the steps 15 and 16 to setup the group requirement on Splunk side, then step 19 needs to be done on Okta side to setup group statement attribute on the Okta application. This way you will send the roles based on group membership. You will have to setup groups in Okta with the role type to satisfy you organisation needs.
Please also note that the group information that you setup on Splunk side is key sensitive, how you setup the group name in Splunk needs to be done exactly the same on Okta side, otherwise it will not work and you will get the same error as described.
Community members help others by clicking Like or Select as Best on responses. Try it today.