I'm using Elastic Cloud and I followed the tutorial linked below to enable SAML authentication on Kibana, but I'm having a problem.
Documentation I have followed: https://www.elastic.co/guide/en/cloud/current/ec-securing-clusters-SAML.html
Error that I am receiving after I log in to the IdP and am redirected back to my_host_kibana/api/security/v1/saml:
{clue: admin / xpack / security / saml / authenticate} [action_code: 401, "error": "Unauthorized", "message": "[security_exception] unable to authenticate user [<unauthenticated-saml- \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ security \\\ "charset = \\\" UTF-8 \\\ "\"}}} "}
Elasticsearch configuration
xpack:
  security:
    authc:
      realms:
        cloud-saml:
          type: saml
          order: 2
          attributes.principal: "nameid:persistent"
          attributes.groups: "http://schemas.microsoft.com/ws/2008/06/identity/claims/groups"
          idp.metadata.path: "https://login.microsoftonline.com/4a39dff3-ff09-440b-b47b-8c603416bfce/federationmetadata/2007-06/federationmetadata.xml?appid=bdf10ffb-849e-4fd4-8038-335ed137c0aa"
          idp.entity_id: "https://sts.windows.net/4a39dff3-ff09-440b-b47b-8c603416bfce/"
          sp.entity_id: "https://8b64c0c41ede48bc9e907a5279089109.us-east-1.aws.found.io:9243"
          sp.acs: "https://8b64c0c41ede48bc9e907a5279089109.us-east-1.aws.found.io:9243/api/security/v1/saml"
          sp.logout: "https://8b64c0c41ede48bc9e907a5279089109.us-east-1.aws.found.io:9243/logout"
Setting up Kibana
xpack.security.authProviders: [saml]
server.xsrf.whitelist: [/api/security/v1/saml]
xpack.security.public:
  protocol: https
  hostname: 8b64c0c41ede48bc9e907a5279089109.us-east-1.aws.found.io
  port: 9243