Okta - ElastiCloud - We hit an authentication error. Please check your credentials and try again

Hi,

Setting up OKTA<->ElasticCloud SAML 2.0.
For Reference, I have followed the steps from following.

  1. Integrating Elastic Cloud Kibana with Okta SAML SSO in 2021 - BioTeam
  2. Secure your clusters with SAML | Elasticsearch Service Documentation | Elastic

However, I am getting an error as following when I select 'ElasticCloud' from Okta
"We hit an authentication error. Please check your credentials and try again. If you still can't log in, contact your system administrator."

Also, checked

GET _security/_authenticate 

and got following response

{
  "username" : "xxx@xya.z",
  "roles" : [
    "superuser",
    "kibana_admin",
    "kibana_system",
    "custom_reporting_user"
  ],
  "full_name" : "<full name>",
  "email" : "xxx@xya.z",
  "metadata" : { },
  "enabled" : true,
  "authentication_realm" : {
    "name" : "native",
    "type" : "native"
  },
  "lookup_realm" : {
    "name" : "native",
    "type" : "native"
  },
  "authentication_type" : "realm"
}

Below is the URL it is hitting as soon as it is navigated from OKTA

https://<KibanaEndpoint>.aws.found.io:9243/login?next=%2F&msg=UNAUTHENTICATED)

Screenshot of Error Message

Hi @chasep ,

It's hard to say what's going on here without logs, have you seen anything suspicious in the KIbana logs?

Hmm, it's not a SAML/Okta user - it's just a native Elasticsearch user. What exactly you tried to check with this request?

By the way, if you have a superuser role for the user, you don't need any other roles, it covers everything already (and kibana_system shouldn't be assigned to the users anyway).

Best,
Oleg

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.