Hi,
I am trying to configure SAML SSO in on premises Elasticsearch environment (kubernetes elasticseatrch & kibana) and getting "You do not have permission to access the requested page". have tried all settings and still no luck. even it is not triggered any logs in ES. Please help me am i missing anything in config file
Elasticsearch.yaml:
xpack.security.authc.token.enabled: true
xpack.security.authc.realms.saml.saml-azure-ad:
order: 2
attributes.principal: 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name'
attributes.groups: 'http://schemas.microsoft.com/ws/2008/06/identity/claims/groups'
idp.metadata.path: 'https://login.microsoftonline.com/{{changed}}/federationmetadata/2007-06/federationmetadata.xml?appid={{changed}}'
idp.entity_id: 'https://sts.windows.net/{{changed}}/'
sp.entity_id: 'https://kibana.example.com'
sp.acs: 'https://kibana.example.com/api/security/v1/saml'
sp.logout: 'https://kibana.example.com/logout'
kibana.yaml:
kibana.yml: |-
server.host: 0.0.0.0
Elasticsearch:
hosts: ${ELASTICSEARCH_HOSTS}
username: ${ELASTICSEARCH_USER}
password: ${ELASTICSEARCH_PASSWORD}
Elasticsearch.ssl.certificateAuthorities: [ "config/Elasticsearch-ca.pem" ]
xpack.encryptedSavedObjects.encryptionKey: {xxxxxx}
xpack.reporting.encryptionKey: {xxxxxx}
xpack.security.encryptionKey: {xxxxxx}
xpack.security.authc.providers:
saml.saml1:
order: 0
realm: "saml-azure-ad"
description: "Log in with Microsoft 365"
basic.basic1:
order: 1
server.xsrf.whitelist: ['/api/security/v1/saml']
