In our company, we are using the elastic stack for the last 4 years.
As x-pack security was only for paid users before. Instead of x-pack, we used google authentication for login.
Once a user log-in with their Gmail accounts, Kibana discover page will be visible.
Few days back, we implemented x-pack security for our elastic stack. Now every user has to do double authentication before login i.e :
a. google authentication
b. elastic authentication
Is there any possible way to eliminate elastic authentication but apply role based previlagies using their gmail credentials??
Instead of elastic authentication, can we directly use google authentication email id for role based authentication?
Or Is there any way to eliminate elastic authentication but use role based privilages?
#elastic-stack:elasticsearch, #elastic-stack:kibana, #elastic-stack:beats and #elastic-stack:logstash.
Hi @Murali_Krishna2 Welcome to the community!
No.. Authentication (User/Password) leads to Authorization (Roles)
I think you have 3 options
Disable x-pack security and go back to your previous method
Go All the way in and get a Platinum commercial license and use SAML etc. complete with role mappings
Perhaps Use Anonymous Login after you login with your GMAIL and redirect to Kibana.
See Here : Authentication in Kibana | Kibana Guide [8.4] | Elastic
I think I wrote a post on this before here I think that shows Elastic Cloud but self managed should be pretty much the same you can remove the basic auth so only have anonymous.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.