Adding document level security doesnt let user login to dashboard

Hi everyone, we added document level security to one of the roles and after doing this we are not able to login to opensearch dashboard as users mapped to that role, we are able to query opensearch cluster as these users the issue seems to be just when logging in through opensearch dashbpard, we are getting this error when we try to login,:

{“statusCode”:404,“error”:“Not Found”,“message”:“Saved object [config/1.3.1] not found”}

We removed document level security in role and we are able to login just fine, can someone please help us with this not sure what we are missing.

We have tried adding kibana_all_read and kibana_all_write to user but still no luck

@karthik Could you share your DLS and the role settings?

I’m running into this exact error that goes away when I remove DLS. Using OpenSearch & Dashboards 2.16 Debian install.

Here’s my role config:

external_jwt_user:
  reserved: true
  hidden: false
  cluster_permissions:
    - read
    - cluster_composite_ops_ro
  index_permissions:
    - index_patterns:
      - "the-logs"
      - "*" # added for debugging
      allowed_actions:
        - read
        - "*" # added for debugging
      dls: "{\"term\": {\"organization_id\": \"${attr.jwt.organization_id}\"}}"
  tenant_permissions: []
  static: false

Did you get this figured out?

@merlinz01 What is your authentication/authorization type?
Could you share your config.yml?