I am trying to setup Single Sign-On for an instance by following this guide .
I am encountering the error 'You do not have permission to access the requested page'. I have a feeling it has to do with the role mappings. I actually do not understand how it works so I did not alter or set any role mappings. The instance currently uses LDAP and we want to change to saml sso. I will appreciate any help on this.
cc @Larry_Gregory can throw more light on this when he has some time.
Thanks
Rashmi
Hey @Keemtaker, welcome to the discussion boards! Yes, this error message means that you were able to successfully authenticate to Kibana, but your account failed our base authorization checks. This typically means that either:
Since you didn't alter or set any role mappings, I'm guessing that's where we should look next. We have a guide on creating role mappings for SAML users here, which also explains why they are necessary, and what function they perform: Configuring SAML single-sign-on on the Elastic Stack | Elasticsearch Guide [8.3] | Elastic.
I'm happy to help further, but it's hard to offer more concrete guidance without more information. Let me know how you make out with this guide, and I can answer any specific questions you have from there.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.