Configure multiple OpenID connect realms, its clients and secrete keys in kibana.yml

We integrated keyclock Authentication with opendistro-for-elasticsearch and kibana.
followed below reference link:

in keyclock:

  1. created one realm ODFE
  2. in ODFE realm , created a client keyclock-odfe
  3. configured authc like below
  http_enabled: true
  transport_enabled: true
  order: 0
    type: openid
    challenge: false
      subject_key: preferred_username
      roles_key: roles
      openid_connect_url: https://server-ip:8080/auth/realms/ODFE/.well-known/openid-configuration
    type: noop
  1. configured kibana.yml like below:
opendistro_security.auth.type: "openid"
opendistro_security.openid.connect_url: "http://server-ip:8082/auth/realms/ODFE/.well-known/openid-configuration"
opendistro_security.openid.client_id: "keyclock-odfe"
opendistro_security.openid.client_secret: "20ab3d6b-00c3-450f-a1da-bfd3c8950b19"
opendistro_security.openid.scope: "openid"

it is working fine.

Now we have the requirement of connecting/configuring multiple realms to the same elk setup.
as we can see kibana.yml has all parameters as a string and not an array, how will we be able to mention multiple connect URL with different realms,
different multiple cliend_id, and client_secrete.
how can I add multiple such realms connect url, its cilent-name and client-id’s in kibama.yml or is there anyway, how to use kibana.yml with multiple realms and clients

Hi @disha27

The latest OpenDistro and OpenSearch doesn’t support multiple authentication types in one environment.