Has anyone configured cloudflare access SSO for opensearch dashboard?

lapidnw · April 26, 2024, 2:17pm

Hey,

i was wondering if anyone has configured Opensearch Dashboard to use the Cf-Access-Jwt-Assertion-Header (described here ) provided by Cloudflare with every request that goes through there Tunnel together with the JWT Authentication Backend as Authenticationmethod?

Unfortunately i could not find any articles or documentation about this. I found on the JWT-Authentication Page that i need to set the following configuration in the opensearch dashboard, which made me wonder if this is even possible since there seems to be no option for Headers:

opensearch_security.auth.type: "jwt"
opensearch_security.jwt.url_param: <your-param-name-here>

Mantas · April 26, 2024, 3:20pm

Hi @lapidnw,

You can set the header in config.yml i.e:

jwt_auth_domain.http_authenticator.config.jwt_header: "Authorization"

Note: in your opensearch_dashboards you will need to allow it as well.
i.e:
opensearch.requestHeadersWhitelist: [Authorization]

Let me know if you have any further questions.

Best,
mj

Topic		Replies	Views
Configuration of JWT in URL for authentication Security configure	7	1234	June 19, 2023
I want to configure opensearch dashboards behind a reverse proxy, that will do the SSL authentication for me Security	12	1888	August 31, 2023
Issue with Configuring Dashboards Sign-In for Multiple Authentication Options OpenSearch Dashboards	4	345	April 6, 2023
Opensearch dashboards getting No 'Basic Authorization' header, send 401 and 'WWW-Authenticate Basic' when trying to login via SSO OpenSearch Dashboards	17	1432	January 16, 2024
Enabled JWT Authentication for Opensearch Security	19	2072	April 6, 2023

Has anyone configured cloudflare access SSO for opensearch dashboard?

Related Topics