Issue with Okta SAML "Request must contain a kbn-xsrf header"

I am having issues setting up SSO via Okta with our Elasticsearch and Kibana.

I get the following error:

{"statusCode":400,"error":"Bad Request","message":"Request must contain a kbn-xsrf header."}

In my kibana.yml I have the following:

server.xsrf.whitelist: [/api/security/v1/saml]

Just as a test I also tried

server.xsrf.disableProtection: true

Any ideas on what I'm doing wrong?

Can you share a little more information? When does this happen? Is it when the IDP redirects your browser back to Kibana with the SAML Response? What is the URL that you are hitting and produces this error?
