I am trying to configure SAML authentication together with our Windows 2016 ADFS server, but whatever I try, I am running into the following error:
Authentication to realm saml1 failed - SAML Attribute [nameid:persistent] for [attributes.principal] not found in [nameid=[email@example.com]]
My SAML configuration looks like this:
xpack.security.authc.realms.saml1:
  type: saml
  order: 1
  idp.metadata.path: saml\FederationMetadata.xml
  idp.entity_id: "http://federation.domain.local/adfs/services/trust"
  sp.entity_id: "https://elkserver.domain.local/"
  sp.acs: "https://elkserver.domain.local:443/api/security/v1/saml"
  sp.logout: "https://elkserver.domain.local/logout"
  attributes.principal: "nameid:persistent"
  nameid_format: "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
On the ADFS side, I have just configured the outgoing claim for User-Principal-Name to nameid.
Any help would be appreciated.
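Added example, not part of the original post and not Elasticsearch's own code: a small diagnostic that models how the documented `attributes.principal` names `nameid` and `nameid:persistent` select a value, to show why a format-qualified setting can miss a NameID that is present in the assertion. The assertion, the `upn` attribute name, and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
PERSISTENT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
UNSPECIFIED = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"


def assertion(nameid_format):
    """Build a constructed (not captured) assertion with the given NameID Format."""
    return f"""<saml:Assertion xmlns:saml="{NS['saml']}">
  <saml:Subject>
    <saml:NameID Format="{nameid_format}">user@example.com</saml:NameID>
  </saml:Subject>
  <saml:AttributeStatement>
    <saml:Attribute Name="upn">
      <saml:AttributeValue>user@example.com</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""


def resolve_principal(xml_text, setting):
    """Return the value `setting` selects from the assertion, or None.

    Diagnostic only: no signature or condition checks are performed.
    """
    root = ET.fromstring(xml_text)
    if setting in ("nameid", "nameid:persistent"):
        name_id = root.find("saml:Subject/saml:NameID", NS)
        if name_id is None:
            return None
        # "nameid:persistent" is format-qualified: any other Format is a miss.
        if setting == "nameid:persistent" and name_id.get("Format") != PERSISTENT:
            return None
        return (name_id.text or "").strip() or None
    # Anything else is looked up as a SAML Attribute Name.
    for attr in root.iterfind("saml:AttributeStatement/saml:Attribute", NS):
        if attr.get("Name") == setting:
            value = attr.find("saml:AttributeValue", NS)
            return value.text if value is not None else None
    return None


if __name__ == "__main__":
    for fmt in (UNSPECIFIED, PERSISTENT):
        for setting in ("nameid:persistent", "nameid", "upn"):
            print(fmt.rsplit(":", 1)[1], setting, "->", resolve_principal(assertion(fmt), setting))
```

Running it against an assertion decoded from a real login shows which `Format` the IdP actually issued, which is the value the principal setting has to agree with.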