Kibana/Elasticsearch SAML

I have an Elasticsearch 7.1.1/Kibana-oss-7.1.1 cluster up using Opendistro security plugins. I am able to log in using internal users. SAML is configured on ES cluster and I see it getting loaded by the nodes, in the logs.

When I set auth to SAML, on Kibana, it starts up and indicates it is connecting to the cluster. But when I go to the Kibana main page I get the error ‘Something went wrong while retrieving the SAML configuration, please check your settings’ Instead of getting redirected to the idP login page.

I bumped up all the logging and I don’t see any errors or indications of why kibana is failing to get the SAML configs from the ES.


elasticsearch.hosts: [“https://elasticsearch.local:9200”]
elasticsearch.username: “kibana”
elasticsearch.password: “”
server.ssl.enabled: true
server.ssl.certificate: /etc/ssl/kibana.crt
server.ssl.key: /etc/ssl/kibana.key
opendistro_security.auth.type: “saml”
server.xsrf.whitelist: [“/_opendistro/_security/saml/acs”]

@lrsmith Did you get this resolved? If not, can you provide your config.yml file? (redact any sensitive details)