I am getting the below error while try to integrate kibana with okta for SSO:
Jun 04 18:39:20 kibana-1 docker[31268]: org.elasticsearch.ElasticsearchSecurityException: Cannot find any matching realm for [SamlPrepareAuthenticationRequest{realmName=null, assertionConsumerServiceURL=https://a1.kibana.nonprod.com:443/api/security/v1/saml}]
I followed the steps mentioned in the post: Kibana SAML authentication issue and made sure that I have proper setting in my kibana.xml to match the acs url that I specify in the elasticsearch.yml.
snippet from kibana.xml:
public.protocol: https
public.hostname: a1.kibana.nonprod.com
public.port: 443
snippet from elasticsearch.yml
authc.realms.saml1:
type: saml
enabled: true
order: 2
idp.metadata.path: "/usr/share/elasticsearch/config/private/okta-nonprod.xml"
idp.entity_id: "http://www.okta.com/exk19gjjg09xxxxxxxx"
sp.entity_id: "https://a1.kibana.nonprod.com"
sp.acs: "https://a1.kibana.nonprod.com:443/api/security/v1/saml"
sp.logout: "https://a1.kibana.nonprod.com/logout"
attributes.principal: "nameid:persistent"
attributes.groups: "groups"
What else could cause, this type of error?