Okta Integration with elasticsearch

Elastic Stack Elasticsearch
1

Hi All,

I'm trying to integrate Okta with elasticsearch in our environment, have configured all the details as per documentation.
Now when i hit the kibana url its taking me to Okta page, after entering the credentials the url is redirecting to elasticsearch url with a failure message,

Screenshot FYI..
image

Here is my elasticsearch.yml

xpack.security.authc.realms.saml.iff-saml:
   order: 2
   idp.metadata.path: "/etc/elasticsearch/metadata.xml"
   idp.entity_id: "http://www.okta.com/fytnbvn06sa05"
   sp.entity_id: "http://1.3.5.1:5601/"
   sp.acs: "http://1.5.5.1:5601/api/security/v1/saml"
   sp.logout: "http://1.3.5.1:5601/logout"
   attributes.principal: "nameid"
   attributes.groups: "groups"

This is an on-premise setup with version 7.6.2

I'm not sure where is the mistake...Please advice...

Thanks
Gautham

2

It looks like you have configured okta to redirect you back to Elasticsearch ( you are in http://something:*9200*) instead of kibana. Check your OKTA settings (i.e Single sign on URL if I remember correctly, this should match the value you have in sp.acs )

3

@ikakavas while giving details to okta team i have given details like

Singel Signon URL : http://elasticsearch:9200/api/security/v1/saml

and Audience URI(SP Entity ID) : http://kibana:5601

You mean to say i need to give single sign on and sp entity id both as kibana URL?

Thanks
Gautham

4

I mean you need to set Single Signon URL to the same value as you've set sp.acs and you need to set Audience URI(SP Entity ID) to the same value as you've set sp.entity_id. And these need to point to Kibana, as described in detail in our documentation

5

Awesome @ikakavas it worked. Thank you very much.

Thanks
Gautham

6

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.