Authorization

Follow this guide to create a new Splunk Observability credential that will allow Nexla to authenticate to and exchange data with your Splunk Observability account.

Splunk Observability

Prerequisites

Before creating a Splunk Observability credential, you need to obtain your Organization Access Token and Organization Realm from your Splunk Observability account. Splunk Observability uses token authentication for all API requests, with the token sent in the X-SF-Token header.

To obtain your Splunk Observability credentials, follow these steps:

1. Sign in to your Splunk Observability account using your administrator credentials.

2. Navigate to your profile page in the Splunk Observability UI by clicking your profile icon in the top right corner.

3. Your Organization Realm will be displayed on your profile page. A Observability realm is a self-contained deployment that hosts organizations. Copy the realm name (e.g., us0, us1, eu0).

4. Navigate to Organization Settings or Access Tokens in your Splunk Observability account.

5. Look for the Access Tokens section, which lists your Organization Access Tokens.

6. If you don't have an Organization Access Token yet, click Create Access Token or Generate Token to create a new Organization Access Token.

7. Configure your Organization Access Token settings:

   • Enter a name for the token (e.g., "Nexla Integration")
   • Review and select the permissions or scopes for the token (if applicable)

8. Click Create or Generate to create the Organization Access Token.

9. Copy the Organization Access Token immediately after it's generated, as it may not be accessible again after you navigate away from the page.

10. Store both credentials securely, as you will need them to configure your Nexla credential. The Organization Access Token and Organization Realm are sensitive information and should be kept confidential.

The Organization Access Token is sent in the X-SF-Token header for all API requests to the Splunk Observability API. The Organization Realm is used to construct the API endpoint URL (e.g., https://api.{realm}.signalfx.com). The token authenticates your requests and grants access to Splunk Observability resources based on your account permissions. If your Organization Access Token is compromised, you should immediately revoke it in your Splunk Observability account settings and generate a new one. For detailed information about obtaining Organization Access Tokens, API authentication, and available endpoints, refer to the Splunk Observability API documentation.

Create a Splunk Observability Credential

• To create a new Splunk Observability credential, after selecting the data source/destination type, click the Add Credential tile to open the Add New Credential overlay.

New Credential Overlay – Splunk Observability

Credential Name & Description

1. Enter a name for the credential in the Credential Name field and a short, meaningful description in the Credential Description field.

   Resource descriptions are recommended but are not required. They should be used provide information about the resource purpose, data freshness, etc. that can help the owner and other users efficiently understand and utilize the resource.

Token Authentication

Splunk Observability uses token authentication for all API requests. The Organization Access Token is sent in the X-SF-Token header, and the Organization Realm is used to construct the API endpoint URL.

2. Enter your Organization Realm in the Organization Realm field. This should be your Splunk Observability realm name (e.g., us0, us1, eu0). You can find your realm name on your profile page in the Splunk Observability UI. The realm is used to construct the API endpoint URL (e.g., https://api.{realm}.signalfx.com).

3. Enter your Organization Access Token in the Organization Access Token field. This is the Organization Access Token you obtained from your Splunk Observability account settings (Organization Settings > Access Tokens). The Organization Access Token is sent in the X-SF-Token header for all API requests to the Splunk Observability API. The Organization Access Token is sensitive information and must be kept confidential.

   Your Splunk Observability credentials can be found in your Splunk Observability account. The Organization Realm can be found on your profile page in the Splunk Observability UI. The Organization Access Token can be found in your Organization Settings > Access Tokens. The Organization Access Token is sent in the X-SF-Token header for all API requests to the Splunk Observability API.

   If your Organization Access Token is compromised, you should immediately revoke it in your Splunk Observability account settings and generate a new one. The Organization Access Token provides access to your Splunk Observability account data and should be treated as sensitive information. Keep your credentials secure and do not share them publicly.

   For detailed information about obtaining Organization Access Tokens, API authentication, realms in endpoints, and available endpoints, see the Splunk Observability API documentation and Realms in Endpoints documentation.

Save the Credential

1. Once all of the relevant steps in the above sections have been completed, click the Save button at the bottom of the overlay to save the configured credential.

2. The newly added credential will now appear in a tile on the Authenticate screen during data source/destination creation and can be selected for use with a new data source or destination.