Full Access for user with document level security enabled


With document level security enabled, we were able to restrict document access to certain users based on their role. These users login usually login from their personal laptops.

But, we want same users to be able to access all documents (no doc-level security) when logged in from a specific computer with fixed IP.

Any help appreciated !!

The Elastic Stack does not aim to be a general purpose, full featured identity provider, and does not provide support for IP aware roles.

Your best option would be to use a SAML IdP for this. If the IdP can expose an attribute indicating whether the user is on an internal IP address, then Elasticsearch can use that to perform role mapping and assign a different set of roles.

1 Like

Thanks for the response. will try alternatives

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.