Versions (relevant - OpenSearch/Dashboard/Server OS/Browser): v2.5.0
Describe the issue:
I configured the Opensearch Dashboard to allow users to log in using either basic authentication or SSO. I have added the required configuration properties and also the Opensearch Dashboard redirect URL in OKTA.
I also added the user with email id as a username as Internal User in Opensearch Dashboard and provided the below roles also.
- kibana_user
- kibana_read_only
But on login via OKTA, I am getting the below error.
{"type":"log","@timestamp":"2023-02-22T05:37:17Z","tags":["error","plugins","securityDashboards"],"pid":1,"message":"OpenId authentication failed: Error: Authentication Exception"}
Configuration:
OpenSearch Dashboard Config:
opensearch_security.auth.type: ["basicauth","openid"]
opensearch_security.auth.multiple_auth_enabled: true
opensearch_security.openid.connect_url: "https://dev-XXX.okta.com/oauth2/XXXXX/.well-known/oauth-authorization-server"
opensearch_security.openid.client_id: "client id"
opensearch_security.openid.client_secret: "client secret"
OKTA Config:
LOGIN
Sign-in redirect URIs
http://0.0.0.0:5601/auth/openid/login
http://localhost:5601/auth/openid/login
http://localhost:5601
http://0.0.0.0:5601
Sign-out redirect URIs
http://localhost:5601
http://localhost:5601/app/opensearch-dashboards
Relevant Logs or Screenshots: