AzureAD SSO - Reply URL does not match

mattiashenrikss · ‎12-16-2019

I am trying to set up SSO with Splunk and AzureAD. I have used these guides: https://docs.splunk.com/Documentation/Splunk/7.1.3/Security/ConfigureSSOAzureADandADFS (Splunk) and https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/splunkenterpriseandsplunkcloud-tut... (AzureAD).

When trying to access Splunk and logging in via AzureAD, I get the following message from AzureAD: "... The reply url specified in the request does not match the reply urls configured for the application: ...". The reply url configured in AzureAD is "https://[mySplunkServer]/saml/acs".

What would be the next step to debug this? Is there a way to verify that the reply URL in Splunk is actually "https://[mySplunkServer]/saml/acs"?

benwilinski · ‎02-25-2020

Have you tried changed the sso/slo binding to 'http post' on the saml config page?

mattiashenrikss · ‎02-25-2020

My issue was that I used the wrong name for my splunk server in the Reply URL configured in Azure AD. I found out by looking at the SAML requests/responses between Splunk and Azure AD which are logged by Splunk if DEBUG logging is activated for certain loggers.

LeandroKopke · ‎11-23-2021

Where did you get to see this information? I'm having the same problem as you in an integration I'm doing.

AzureAD SSO - Reply URL does not match

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor