SAML OKTA on KIBANA not working

Hello,
Please assist, and thank you in advance for the help. Below is my configuration for everything. What am I doing wrong?
Elasticsearch Config elasticsearch node-1
bootstrap.memory_lock: false	

http.port: 9200

discovery.seed_hosts: [""]
cluster.initial_master_nodes: ["node-1"] true true certificate elastic-certificates.p12 elastic-certificates.p12 true elastic-certificates.p12 elastic-certificates.p12 true
    order: 0
    order: 1
    idp.metadata.path: ""
    idp.entity_id: ""
    sp.entity_id:  ""
    sp.acs: ""
    idp.use_single_logout: true
    sp.logout: ""
    signing.certificate: saml-sign.crt
    signing.key: saml-sign.key

KIBANA "Kibana"
elasticsearch.hosts: [""]
kibana.index: ".kibana"

kibana.defaultAppId: "home"

elasticsearch.username: "elastic"
elasticsearch.password: "elastic"

server.ssl.enabled: true
server.ssl.certificate: "D:\\elk-certs\\elkmachinecorpmynetworkcom.crt"
server.ssl.key: "D:\\elk-certs\\elkmachinecorpmynetworkcom.key"
elasticsearch.ssl.verificationMode: none "i_am_enabling_this_for_security_and_more" 600000 [basic, saml] saml1
server.xsrf.whitelist: [/api/security/v1/saml] ""


Single Sign On URL:

Recipient URL:

Destination URL:

Audience Restriction:

Name ID Format:	 EmailAddress

Response:	 Signed

Assertion Signature:	 Signed

Signature Algorithm:	 RSA_SHA256
Digest Algorithm:	 SHA256
Assertion Encryption: Unencrypted

Name 				Name Format 			Value
user.login 			Unspecified

SAML Single Logout:	 Enabled
Signature Certificate saml-sign.crt (CN=saml-sign)

Honor Force Authentication:	 Yes

And I keep getting this error when I try to log in:

{"statusCode":401,"error":"Unauthorized","message":"[security_exception] unable to authenticate user [<unauthenticated-saml-user>] for action [cluster:admin/xpack/security/saml/authenticate], with { header={ WWW-Authenticate={ 0=\"Bearer realm=\\\"security\\\"\" & 1=\"ApiKey\" & 2=\"Basic realm=\\\"security\\\" charset=\\\"UTF-8\\\"\" } } }"}

Have you read, point 4? The cause of the error should already be printed in your logs.

This is very useful and this is the first time I am seeing the documentation on SAML common errors. But I checked the logs and there are no errors relating to SAML or to the reason why it is failing to log in.

Can you share a sample few lines from your elasticsearch log at around the time you get the message above in your browser?

@ikakavas I played with it again this morning until I finally figured it out. Thanks a lot for the help and patience.
