Has anyone configured cloudflare access SSO for opensearch dashboard?


i was wondering if anyone has configured Opensearch Dashboard to use the Cf-Access-Jwt-Assertion-Header (described here ) provided by Cloudflare with every request that goes through there Tunnel together with the JWT Authentication Backend as Authenticationmethod?

Unfortunately i could not find any articles or documentation about this. I found on the JWT-Authentication Page that i need to set the following configuration in the opensearch dashboard, which made me wonder if this is even possible since there seems to be no option for Headers:

opensearch_security.auth.type: "jwt"
opensearch_security.jwt.url_param: <your-param-name-here>

Hi @lapidnw,

You can set the header in config.yml i.e:

jwt_auth_domain.http_authenticator.config.jwt_header: "Authorization"

Note: in your opensearch_dashboards you will need to allow it as well.
opensearch.requestHeadersWhitelist: [Authorization]

Let me know if you have any further questions.