Hello, We have been struggling with 401 unauthorized error for openID integration (Keycloak as IdP) for Kibana with openDistro security plugin The authentication integration works fine for the 1st time. But once we restart the kibana we are getting the 401 unauthorized error. To make kibana work w…

@Ajay Is the configuration you provided complete or there are parts excluded, like openid.client_secret? Also, can you confirm which odfe version you are using?

@Anthony Thanks for reply This is the complete configuration & as the keycloak client has a public access type so client_ secret is not set. The ODFE version is 1.13.1.0

Update 05/08/2021 We tried integrating with Azure AD trial account & we are seeing the same behavior that after the restart of kibana getting 401 unauthorized. Here in this integration we have included openid.client_secret in the kibana config.

@Ajay I managed to reproduce your error, looking into it now

@Anthony As a workaround we had downgraded the setup version to see if it works for older version. Elasticsearch : 7.10.0 Kibana : 7.10.0 Opendistro : 1.12.0.0 But facing the same issue of 401 unauthorized after kibana restart. We have not tried the ODFE 1.13.0 will check on that.

@Anthony Can you please provide the link for kibana_security_plugin-1.13.0.0. We are getting access denied when trying to download by changing the version number in plugin install URL. We are able to install Opendistro_security_plugin for elasticsearch-1.13.0.0. PS: We are having doubt about this …

@Ajay elasticsearch plugin: https://d3g5vo6xdbdb9a.cloudfront.net/downloads/elasticsearch-plugins/opendistro-security/opendistro-security-1.13.0.0.zip kibana plugin: https://d3g5vo6xdbdb9a.cloudfront.net/downloads/kibana-plugins/opendistro-security/opendistroSecurityKibana-1.13.0.1.zip However I …

@Anthony Thanks for the response by changing the opendistro security to 1.13.0 resolved the issue.

@Ajay Could you submit a bug report for this using below link to bring awareness to the dev team: [image] Issues · opensearch-project/OpenSearch 🔎 Open source distributed and RESTful search engine. - Issues · opensearch-project/OpenSearch

Kibana 401 unauthorized error

Security

Anthony August 6, 2021, 3:20pm 6

@Ajay Still looking into this, My local testing seems to indicate that the issue was introduced in 1.13.1, but was working fine in 1.13.0, as a temporary workaround have you tried 1.13.0?

Topic		Replies	Views
Failed to authenticate anymore to kibana using keycloak as IDP provider and opendistro_serurity plugin Security	1	409	October 26, 2021
Kibana doesn't redicrt to login-page Security	4	853	February 17, 2021
Kibana + Kerberos auth is broken in 1.4.0? Security	6	1921	September 2, 2020
Kibana Start Up Fails after invalid Security Update Security	5	757	July 7, 2021
OpenDistro ES and kIbana 7.9 Open Source Elasticsearch and Kibana	3	834	February 3, 2021

Kibana 401 unauthorized error

Related topics