Kibana - Okta integration not working

(Ravichandran Rajaram) #1

I am getting the below error while try to integrate kibana with okta for SSO:

Jun 04 18:39:20 kibana-1 docker[31268]: org.elasticsearch.ElasticsearchSecurityException: Cannot find any matching realm for [SamlPrepareAuthenticationRequest{realmName=null, assertionConsumerServiceURL=}]

I followed the steps mentioned in the post: Kibana SAML authentication issue and made sure that I have proper setting in my kibana.xml to match the acs url that I specify in the elasticsearch.yml.

snippet from kibana.xml:

public.protocol: https
public.port: 443

snippet from elasticsearch.yml

type: saml
enabled: true
order: 2
idp.metadata.path: "/usr/share/elasticsearch/config/private/okta-nonprod.xml"
idp.entity_id: ""
sp.entity_id:  ""
sp.acs: ""
sp.logout: ""
attributes.principal: "nameid:persistent"
attributes.groups: "groups"

What else could cause, this type of error?

(Tim Vernum) #2

What license are you running with?
Unfortunately you can get this exact error if your license does not allow for SAML (e.g. you are using a Gold license).
The error message has been changed to be more explicit in the 6.3 release.

(Ravichandran Rajaram) #3

Thanks TimV, we are using Gold licence for prod and non prod. Our dev cluster works fine, since it has trial license.

(system) #4

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.