We are delighted to share our new EIC Delivery Methodology for efficiently managing Saviynt Implementations and delivering quick time to value. CLICK HERE.

Splunk Add-On To Support OAuth

Sivagami
Valued Contributor
Valued Contributor

Currently Splunk Add-On expects Username and Password as input to access the API's. Ideally it should support OAuth based authentication as well.

https://docs.saviyntcloud.com/bundle/Splunk-Guide/page/Content/Understanding-the-Integration-between... 

Sivagami_1-1681737947352.png

Could this be reviewed?

-Siva

5 REPLIES 5

Darshanjain
Saviynt Employee
Saviynt Employee

Hi @Sivagami 

It is Oauth based mechanism only, initially to get the token  /api/login you need username and password and then it uses oauth only.

 

Thanks

Darshan

Thanks

Darshan

Hi @Darshanjain - I understand the API login call will yield a JWT token but it's kind of generated by passing the username and local API password that's generated. For SSO enabled instances, this is not a recommended approach to get the access token. So, ideally the add-on should support the use of federated authentication by using AD service account which needs to match the user created in Saviynt & the AD service account should ideally authenticate with our IDP to get the bearer token and present it to the Saviynt API’s.

-Siva

Hi @Sivagami 

Splunk add on just uses the Api call to fetch token , now its the same like how we fetch token from postman to saviynt, so you have to use username and password ideally. Even though sso is enabled, you can still create a user and reset the password using Api and use it accordingly.

 

Thanks

Darshan

Sivagami
Valued Contributor
Valued Contributor

@Darshanjain - I understand the usage but our security teams have concerns on using local credentials to access API. Hence, looking for a way to avoid it.

-Siva

Hi @Sivagami 

Right now its not supported, you can raise it in ideas portal for the same.