Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Issues with SIEM Integration in Saviynt with Splunk - Redirect to Login Page

New Contributor III
New Contributor III


We are currently working on integrating Saviynt's SIEM with Splunk and have encountered an issue during the process.

We have successfully followed the steps for creating an analytics record and setting up a user with the necessary permissions. Additionally, I am able to invoke the authentication API and receive a bearer token. We followed the links here: Saviynt SIEM Integration ( and Understanding the Integration between EIC and Splunk (

However, when I try to use this token with the `fetchRuntimeControlsDataV2 API` to access analytics in Postman, I receive an HTML response for the login page.


Here are the details of my issue:

  • Instead of getting the expected analytics data, I am redirected to a login page (HTML response).
  • This issue persists even though the bearer token seems valid and is included in the request header.

Has anyone else encountered this issue, or could provide some insights into what might be going wrong?

Thank you for your assistance!



Its working as expected 

Please share curl command [Refer ]



Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.