While configuring OpenDistro Security plugin for OIDC using Azure AD app registration, I am aware to what will be url for Kibana to register and how to use it.
Kibana URL - https://localhost:5601/auth/openid/login
I dont see the examples for elasticsearch api urls registration. Is the URL will be similar to like this -
and how to get token to use it. Any guidance will be highly appreciated. Thanks
Why do you want to configure ES in Azure? If you want to use Kibana, there is no need to configure ES.
Hi @pablo Thanks for the response.
Sorry, I may have confused you, Let me rephrase it We are using Microsoft Identity Solution (Azure AD). Security team is advising not to use basic auth for Elasticsearch APIs. So I wanted to go for any other modern auth. (ex: OAuth/ SAML/ OpenID) keeping Kibana’s OpenID Auth intact. Please advise. Thanks
@arunkumarsingh, basicauth is required for Kibana. It has to be enabled and configured in config.yml along with OAuth/SAML/OpenID authentication.
Thanks @pablo for the information. In Case of Kibana I am aware that it is a requirement. I was wondering how this config will work. Kibana [openid] / Elasticsearch [ basic + OAuth/SAML]
Any pointer to config file arrangement will help. Thanks
@arunkumarsingh you can’t run separate authentication for Kibana and ES.
If you go with OID then both have to be set for OID.