Hi,
We integrated keyclock Authentication with opendistro-for-elasticsearch and kibana.
followed below reference link:
in keyclock:
- created one realm ODFE
- in ODFE realm , created a client keyclock-odfe
- configured authc like below
openid_auth_domain:
http_enabled: true
transport_enabled: true
order: 0
http_authenticator:
type: openid
challenge: false
config:
subject_key: preferred_username
roles_key: roles
openid_connect_url: https://server-ip:8080/auth/realms/ODFE/.well-known/openid-configuration
authentication_backend:
type: noop
- configured kibana.yml like below:
opendistro_security.auth.type: "openid"
opendistro_security.openid.connect_url: "http://server-ip:8082/auth/realms/ODFE/.well-known/openid-configuration"
opendistro_security.openid.client_id: "keyclock-odfe"
opendistro_security.openid.client_secret: "20ab3d6b-00c3-450f-a1da-bfd3c8950b19"
opendistro_security.openid.scope: "openid"
it is working fine.
Now we have the requirement of connecting/configuring multiple realms to the same elk setup.
as we can see kibana.yml has all parameters as a string and not an array, how will we be able to mention multiple connect URL with different realms,
different multiple cliend_id, and client_secrete.
how can I add multiple such realms connect url, its cilent-name and client-id’s in kibama.yml or is there anyway, how to use kibana.yml with multiple realms and clients