OpenSearch JWT authentication

I’m trying to autenticate to OpenSearch using a JWT token and i keep getting the following error:

[2022-09-05T10:24:00,610][WARN ][o.o.s.h.HTTPBasicAuthenticator] [mikeVIrtual] No ‘Basic Authorization’ header, send 401 and ‘WWW-Authenticate Basic’

This is my config.yml:

    description: "Authenticate via HTTP Basic against internal users database"
    http_enabled: true
    transport_enabled: true
    order: 1
      type: basic
      challenge: true
      type: intern
    description: "Authenticate via Json Web Token"
    http_enabled: true
    transport_enabled: true
    order: 0
      type: jwt
      challenge: false
        signing_key: YmlnIHNlY3JldA==
        jwt_header: "Authorization"
        jwt_url_parameter: null
        roles_key: roles
        subject_key: sub
      type: noop

And this is my postman request:

This is how i’m generating the token (it doesn’t even matter right now because it’s not even evaluating if the token is valid or not from the above error):

“sub”: “admin”,
“iat”: 1662357733,
“exp”: 1667620920,
“roles”: “own_index, all_access”

It’s also a bit unclear if these validated registered claims from the documentation are mandatory or optional.

I also believe that the enabled flag from the documentation config example is deprecated since i’m getting an unknown argument error if i’m trying to use it in the config.yml.

Any help would be really appreciated, i’ve been reading and experimenting with the configuration for over a week without any results. Thanks!

In case anyone stumbles upon this problem:

Enable more detailed logs for opensearch security plugin: set it to debug in opensearch.yml

And in my case, the signing_key was too short and it wasn’t accepted…