OIDC configuration - Role mapping

I am trying to configure OIDC for signing into kibana. My OP provides a claim token after a successful authentication from which I am trying to map the value of a field called "roles" to kibana user roles.

According to the ELK documentation, the below realm

xpack.security.authc.realms.oidc.oidc1.claims.groups

seems to be used for that purpose. I assigned this value to be as roles as follows :

xpack.security.authc.realms.oidc.oidc1.claims.groups: roles

But the authentication does not work as expected. I am getting an authorization error. Is there another way of mapping the OIDC claim's "roles" to kibana user roles ?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.