I am trying to get a Kibana running on my localhost to use AWS/Cognito (OIDC) for authentication. I am connecting to an AWS ElasticSearch cluster. The AWS managed Kibana is setup and works with the Cognito User Pool but we need to use our own Kibana service with plugins etc.
Things appear to work OK. I get redirected to Cognito for login credentials and Cognito redirects to http://localhost:5601/auth/openid/login after authentication. Kibana seems to want to load but I eventaully always end up here with a blank screen:
http://localhost:5601/customerror?type=authError#?_g=()
If I look at the source code for the page, I see this:
This Kibana installation has strict security requirements enabled that your current browser does not meet.
// Since this is an unsafe inline script, this code will not run
// in browsers that support content security policy(CSP). This is
// intentional as we check for the existence of kbnCspNotEnforced in
// bootstrap.
window.kbnCspNotEnforced = true;
My theory for the moment is that things are not working because my localhost is not using SSL.
Anybody can confirm that or point to some other explanantion/solution?