Field-Level Security for Search/Aggregate

Is there any way to get field-level security to allow/disallow searching / aggregating against specific fields? I’ve tried setting up OpenDistro and create a test user/role, but all I can manage is to hide the field from _source as it’s returned. What I would like to be able to do is to restrict which fields a specific user can search through.

My use-case is that I have an index with different fields that different tiers of users can / can not search. My current approach is to create two indices with the different sets of fields that the user can query.

Are you still looking for a solution for this?
We offer document/ field level encryption based security that we can re-purpose as ACL type solution.
Please reach out if you are still looking.

Hi @jojo Did you get this resolved?

I’ve just tested usng odfe 1.13.0 and the user is not able to search using fields that are hidden by fls.

If you are still having this issue can you confirm which version of odfe you are using?