We integrated keyclock Authentication with opendistro-for-elasticsearch and kibana.
followed below reference link:
- created one realm ODFE
- in ODFE realm , created a client keyclock-odfe
- configured authc like below
openid_auth_domain: http_enabled: true transport_enabled: true order: 0 http_authenticator: type: openid challenge: false config: subject_key: preferred_username roles_key: roles openid_connect_url: https://server-ip:8080/auth/realms/ODFE/.well-known/openid-configuration authentication_backend: type: noop
- configured kibana.yml like below:
opendistro_security.auth.type: "openid" opendistro_security.openid.connect_url: "http://server-ip:8082/auth/realms/ODFE/.well-known/openid-configuration" opendistro_security.openid.client_id: "keyclock-odfe" opendistro_security.openid.client_secret: "20ab3d6b-00c3-450f-a1da-bfd3c8950b19" opendistro_security.openid.scope: "openid"
it is working fine.
Now we have the requirement of connecting/configuring multiple realms to the same elk setup.
as we can see kibana.yml has all parameters as a string and not an array, how will we be able to mention multiple connect URL with different realms,
different multiple cliend_id, and client_secrete.
how can I add multiple such realms connect url, its cilent-name and client-id’s in kibama.yml or is there anyway, how to use kibana.yml with multiple realms and clients