Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
opensearch version : 2.3.0
opensearch dashboard : 2.3.0
Browser : Chrome
Describe the issue:
After configuring OpenID with OpenSearch, it throws an error after entering the credentials (using Azure Microsoft sign-in, Azure AD (IdP)).
At first, after configuration, I was able to log in successfully, but the permissions were not retained (I had a completely new dashboard in place). But after restarting the dashboard it throws a 401 error, and from then on I am not able to get to the dashboard.
Configuration:
config.yml
authc:
  basic_internal_auth_domain:
    description: "Authenticate via HTTP Basic against internal users database"
    http_enabled: true
    transport_enabled: true
    order: 1
    http_authenticator:
      type: basic
      challenge: false
    authentication_backend:
      type: internal
  openid_auth_domain:
    order: 0
    http_enabled: true
    transport_enabled: true
    http_authenticator:
      type: openid
      challenge: false
      config:
        roles_key: roles
        subject_key: email
        openid_connect_url: https://login.microsoftonline.com/<tenantid>/v2.0/.well-known/openid-configuration
    authentication_backend:
      type: noop
opensearch_dashboard.yml
opensearch_security.auth.type: openid
opensearch_security.openid.client_id: "id"
opensearch_security.openid.client_secret: secret_id
opensearch_security.openid.scope: "openid email profile offline_access User.Read"
opensearch_security.openid.base_redirect_url: https:/
opensearch_security.openid.connect_url: https://login.microsoftonline.com//v2.0/.well-known/openid-configuration
Note: after each change in any config file, I ran the securityadmin.sh script.
Relevant Logs or Screenshots:
Could anyone please help me with this? I have been stuck on this for days now.