We are currently working with Elastic cloud and Azure AD and trying to login to azure with normal AD groups. This is done via role mappings and OIDC. This seems to work fine. However once we use a native Azure AD group it doesn't seem to work anymore. Is there a difference between both? tokens maybe?
We use this guide to configure the whole thing:
Set up OpenID Connect with Azure, Google, or Okta | Elasticsearch Service Documentation | Elastic
You'll need to share details about exactly how it does not work for troubleshooting. Error messages? Configurations? Different between working and non-working setup?
If you are Cloud customer and have support contract, I'd suggest you leverage that to get help from dedicated support folks.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.