For increased security and convenience, you can set up single-sign-on (SSO) using SAML 2.0 in Splunk Synthetic Monitoring. This lets your users log in quickly and securely, and enables your organization to easily provision and deprovision users as workforces change.
If you use one of the following SSO identity providers, use the following instructions:
- Set up SSO in Splunk Synthetic Monitoring using Ping Identity
- Set up SSO in Splunk Synthetic Monitoring using Azure Active Directory
- Set up SSO in Splunk Synthetic Monitoring using Okta
If your identity provider supports SAML 2.0 but is not listed above, it has not been officially tested with Splunk Synthetic Monitoring. Although Splunk cannot provide detailed guidance and troubleshooting, you can use the following steps as a guide. Refer to your identity provider’s documentation for detailed instructions.
Prerequisites
- You need administrator access in your organization’s identity provider.
- Make sure all the users you want to add have access to Splunk Synthetic Monitoring. See Add users and groups to learn how to create accounts for new users.
- Check that all your users are assigned to the correct roles in Splunk Synthetic Monitoring, as Splunk Synthetic Monitoring does not inherit RBAC from your identity provider. See What Are The Types Of User Roles? to learn about roles.
Set up SSO in Splunk Synthetic Monitoring
Follow these steps to set up SAML 2.0 in Splunk Synthetic Monitoring:
- Add Splunk Synthetic Monitoring as an application in your identity provider
- Grant access to the new application in your identity provider
- Download the metadata XML from your identity provider
- Configure SAML login in Splunk Synthetic Monitoring
1. Add Splunk Synthetic Monitoring as an application in your identity provider
See your identity provider’s documentation for instructions. Enter the following URLs when prompted:
- SAML Callback URL: https://monitoring.rigor.com/saml/callback
- Sign in URL to configure SAML: https://monitoring.rigor.com/
2. Grant access to the new application in your identity provider
Assign the appropriate users and groups to the Splunk Synthetic Monitoring application in your identity provider. See your identity provider’s documentation for detailed instructions.
3. Copy the metadata XML from your identity provider
Follow these steps to copy the metadata XML you need for the configuration in Splunk Synthetic Monitoring:
- Locate the SAML 2.0 Metadata XML for your Splunk Synthetic Monitoring application in your identity provider.
- If the XML is in a downloadable file, download the file and open it using a text editor (e.g. TextEdit in Mac or Notepad in Windows; don’t use Pages or Word to prevent auto-formatting from corrupting the XML file).
- Copy the full text of the XML file.
4. Configure SAML login in Splunk Synthetic Monitoring
- Go to https://monitoring.rigor.com/ to log into Splunk Synthetic Monitoring.
- In the Admin Tools menu, select SAML Configuration.
- Enter a Name for the configuration.
- In the XML field, paste the XML you copied from your identity provider.
- Verify the configuration by clicking the Verify button or by choosing Verify from the gear icon menu.
- Once the configuration is verified, return to edit the configuration and check the box next to Enable. A modal box appears to confirm you want to enable the configuration, which will log you and all users out of the account.
- To log back in, enter your Splunk Synthetic Monitoring username and click Next. If SSO is configured correctly, your identity provider’s login page will open to complete the login.
Once SAML login is set up, users will be asked to re-authenticate via their SSO provider every 12 hours. After they re-authenticate, users return to their active session.