Configure Open ID connect using Azure AD roles


Is it possible to map the azure roles in kibana role mapping since my organisation does not allow azure groups to be enabled in the token response. The only possible fields seem to be username, groups, realm and dn. I want to map azure roles received to the kibana roles to grant access to different spaces.


This is a pretty detailed guide on how to to set it up. If you need further clarifications, let us know here:

My question was more specific if we can have claims.roles setting in elasticsearch to map azure roles in role mapping file. I have followed these links to setup SSO and i'm currently stuck with the claims