We have SAML SSL working well Azure. We have 3 roles defined kibana.
user, superuser, restricted_spaces_user,
Within the Enterprise App, the values are all assigned to the different User groups :
Sec_group_user = user
Sec_group_admin = superuser
Sec_group_restricted = restricted_spaces_user
The role mappings are defined in kibana and the roles are mapped to spaces as required.
The user is "You do not have permission to access the requested page"
Unless you've encountered a bug, the issue here is that the restricted_spaces_user is trying to load a page in Kibana which the user does not have permissions to see. So it's probably related to the roles the user has.
Can you please verify when exactly this error screen is show? Does it happen right after the restricted_spaces_user has logged in before seeing the Kibana home screen? If not, which page is the user trying to navigate to when seeing this error screen?
I enabled trace logs and was able to identify the issue being related to the '_' underscore. I changed all our role values to hyphens and the issue is resolved.
Support also mentioned that the UUID from the group in Azure can also be used
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.