Jumpcloud setup saml integration with Kibana for Authentication

Hi All,

We are planning to implement Jumpcloud integration with Kibana for Authentication.

Configuration we added in kibana.yml:

xpack.security.authc.providers:
  saml.saml1:
    order: 0
    realm: saml1
    description: JumpCloud SSO
    hint: Login using Jumpcloud Single Sign-On.
    icon: 'https://raw.githubusercontent.com/jumpcloud.jpg'
  basic.basic1:
    order: 1
    description: ELK Account
    hint: Login with username and password.
    icon: 'https://yt3.googleusercontent.com/ytc/AOPolaRjSDhIgwZlQz'

Configuration we added in Elasticsearch.yml:

xpack.security.authc.token.enabled: true
xpack.security.authc.realms:
  file:
    file1:
      order: 0
      enabled: true
  native:
    native1:
      order: 1
      enabled: true
      authentication.enabled: true
  saml:
    saml1:
      order: 2
      enabled: true
      idp.metadata.path: 'https://sso.jumpcloud.com/saml2/metadata/546456456'
      idp.entity_id: 'https://sso.jumpcloud.com/JumpCloud'
      sp.entity_id: 'https://xxx-xx-xx-xx.xx.xx/'
      sp.acs: 'https://xxx-xx-xx-xx.xx.xx/api/security/saml/callback'
      sp.logout: 'https://xxx-xx-xx-xx.xx.xx/logout'
      idp.use_single_logout: true
      nameid_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent'
      attributes.principal: 'nameid:persistent'
      attribute_patterns.principal: '^([^@]+)@.*$'
      authorization_realms: native1

Getting exception as per below while starting Kibana:

Pls let us know in case of any other details needed. Actually we implemented the same in Development Environment it was working fine. But, in Production only it is causing the problem.

Pls help us !!

Hi @Manoilayans ,

Please use in-built editor to format your configuration as it is hard to understand the plain text.

Error states to enable xpack.security.http.ssl.enabled. I would start with adding it and see if it works.

Regards, Dima

Thanks for your suggestion, I have updated the config using "Preformatted text" and now you can able to view the configuration properly.

1 Like

Can you try adding it with true ?

Regards, Dima