Elastic Cloud (Ver7.5) にてAuth0をOPにしてOIDCの設定をしています。
https://www.elastic.co/guide/en/cloud/current/ec-secure-clusters-oidc.html
上記URLを参考にしながら設定したのですが、IDトークンの検証で以下のエラーが出てしまいます。
Authentication to realm oidc1 failed - Failed to authenticate user with OpenID Connect (Caused by ElasticsearchSecurityException[Failed to parse or validate the ID Token]; nested: BadJWTException[Unexpected JWT issuer: https://xxxxx.auth0.com/];)
elasticsearch.yml
xpack.security.authc.realms.oidc.oidc1:
order: 2
op.issuer: https://xxxxx.auth0.com
op.authorization_endpoint: https://xxxxx.auth0.com/authorize
op.token_endpoint: https://xxxxx.auth0.com/oauth/token
op.jwkset_path: https://xxxxx.auth0.com/.well-known/jwks.json
op.userinfo_endpoint: https://xxxxx.auth0.com/userinfo
rp.client_id: <clientid>
rp.response_type: code
rp.redirect_uri: https://xxxxx.ap-northeast-1.aws.found.io:9243/api/security/v1/oidc
rp.post_logout_redirect_uri: https://xxxxx.ap-northeast-1.aws.found.io:9243/logged_out
rp.signature_algorithm: RS256
claims.principal: sub
xpack.security.authc.realms.oidc.oidc1.rp.client_secretにclient secretを登録済み
kibana.yml
xpack.security.authProviders: [oidc, basic]
xpack.security.authc.oidc.realm: "oidc1"
server.xsrf.whitelist: [/api/security/v1/oidc]
何か設定が足りないところがあるのでしょうか?
問題解決のために他に必要な情報があれば教えてください。
