kmz161
October 19, 2023, 11:47am
1
Hello!documenation for elastic settings. I use id_token, current config
xpack.security.authc.realms.jwt.jwt1:
order: 3
token_type: id_token
client_authentication.type: shared_secret
allowed_issuer: "https://issuer.example.com/jwt/"
allowed_audiences: [ "8fb85eba-979c-496c-8ae2-a57fde3f12d0" ]
allowed_signature_algorithms: [RS256,HS256]
pkc_jwkset_path: jwt/jwkset.json
claims.principal: sub
But I can't found kibana documentation. How I can use jwt for auth in kibana?
jsanz
October 24, 2023, 2:14pm
2
There is no support for JWT and seems that it will never be available for end users but there's a request logged for API access
opened 03:43PM - 17 Aug 23 UTC
Team:Security
enhancement
Feature:Security/Authentication
Elasticsearch has support for authenticating using JSON Web Tokens via their [JW… T Realm](https://www.elastic.co/guide/en/elasticsearch/reference/current/jwt-auth-realm.html).
While we can't support end-users logging in to Kibana via JWT, we should consider adding support for authenticating API requests.
At the moment, we have at least 1 known issue, and that is with the Alerting APIs: Alerting relies on the "Grant API Key API" to create API Keys on behalf of the rule creator, and this API does not support the JWT credential type.
```[tasklist]
### Tasks
- [ ] Research other Kibana features that may be problematic for JWT credentials
- [ ] Document any found limitations
- [ ] Create instructions on how users should authenticate via JWT to Kibana APIs
- [ ] Create automated test suites to verify JWT authentication continues to function
```
Please, feel free to chime in on that issue to provide any feedback you see fit.