I am having trouble getting SAML integrated with Elastic. I used a 14-day trial and got it to work there, but now that I have tried to integrate it into our production environment, I am getting errors.
Below is the YAML for our prod environment that isn't working. This is roughly the same as what was used in our dev environment, except some of the values were different due to us using Okta preview as opposed to Okta for testing.
```yaml
xpack.security.authc.realms.saml:
  saml1:
    order: 2
    idp.metadata.path: 'https://company.okta.com/app/exklsxxxxxxx/sso/saml/metadata'
    idp.entity_id: 'http://www.okta.com/exklsxxxxxxxxxx'
    sp.entity_id: 'https://company.kb.us-east-1.aws.found.io:9243' # Make sure there is no trailing "/"
    sp.acs: 'https://company.kb.us-east-1.aws.found.io:9243/api/security/saml/callback'
    sp.logout: 'https://company.kb.us-east-1.aws.found.io:9243/logout'
    attributes:
      # Or replace with another SAML provider attribute you prefer to map to the username
      principal: nameid
```
This is the documentation I followed.
I would also like to note that we are using a cloud-hosted environment.