0
votes

I've been trying to get azure-ad-b2c to be an IDP with local accounts for Splunk SAML SSO, with:

  • https://docs.microsoft.com/en-us/azure/active-directory-b2c/custom-policy-get-started
  • https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack
  • https://docs.microsoft.com/en-us/azure/active-directory-b2c/connect-with-saml-service-providers

Presently I've got different error messages like

  • Verification of SAML assertion using the IDP's certificate provided failed. Unknown signer of SAML response
  • Verification of SAML assertion using the IDP's certificate provided failed. Error: failed to verify signature with cert

Also, given I get this to work, I still need to extract security group association and expose it to Splunk. I think this article is relevant....

Anyone have a good writeup to get this going?

Brgds Kristen

1

1 Answers

0
votes

If this is a new B2C setup, have you used the MS Azure test app to verify?

https://samltestapp2.azurewebsites.net/SP

Based on the error, it sounds like Splunk needs to trust the certificate used for SAML signatures.
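One way to check the trust mismatch this answer points to, as an added example (not code from the original posts, Splunk or Microsoft): compare the signing certificate embedded in a decoded SAML response with the certificates published in the IdP metadata. The function names and the sample XML are constructed for illustration, and the "certificates" are placeholder bytes.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def fingerprint(b64_text):
    """SHA-256 of the DER bytes inside a ds:X509Certificate element."""
    der = base64.b64decode("".join((b64_text or "").split()))
    return hashlib.sha256(der).hexdigest()

def metadata_signing_fps(metadata_xml):
    """Certificates the IdP metadata publishes for signing."""
    fps = set()
    root = ET.fromstring(metadata_xml)
    for kd in root.iterfind(".//md:IDPSSODescriptor/md:KeyDescriptor", NS):
        # A KeyDescriptor without 'use' is valid for signing and encryption.
        if kd.get("use", "signing") == "signing":
            fps.update(fingerprint(c.text)
                       for c in kd.iterfind(".//ds:X509Certificate", NS))
    return fps

def response_signer_fps(response_xml):
    """Certificates embedded in the signatures of a decoded SAML response."""
    root = ET.fromstring(response_xml)
    return {fingerprint(c.text)
            for c in root.iterfind(".//ds:Signature//ds:X509Certificate", NS)}

def unknown_signers(metadata_xml, response_xml):
    """Signer certs in the response that the metadata does not list."""
    return response_signer_fps(response_xml) - metadata_signing_fps(metadata_xml)

# Constructed sample input: placeholder bytes, not real certificates.
CERT_A = base64.b64encode(b"constructed cert A").decode()
CERT_B = base64.b64encode(b"constructed cert B").decode()
XMLNS = " ".join(f'xmlns:{p}="{u}"' for p, u in NS.items())
KEYINFO = "<ds:KeyInfo><ds:X509Data><ds:X509Certificate>{}</ds:X509Certificate></ds:X509Data></ds:KeyInfo>"
METADATA = (f'<md:EntityDescriptor {XMLNS} entityID="https://idp.example/constructed">'
            f'<md:IDPSSODescriptor><md:KeyDescriptor use="signing">{KEYINFO.format(CERT_A)}'
            '</md:KeyDescriptor></md:IDPSSODescriptor></md:EntityDescriptor>')

def sample_response(cert):
    return f"<samlp:Response {XMLNS}><ds:Signature>{KEYINFO.format(cert)}</ds:Signature></samlp:Response>"

if __name__ == "__main__":
    print("mismatched signer:", unknown_signers(METADATA, sample_response(CERT_B)))
    print("matching signer:", unknown_signers(METADATA, sample_response(CERT_A)))
```

A non-empty result means the response was signed with a certificate the metadata does not list, so a service provider configured from that metadata will not recognise the signer. An empty result only rules out a certificate mismatch; it does not validate the signature itself.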