REST API auth through OpenID

Hello,

I have properly configured integration of OpenID on OpenSearch and Dashboards.
I need users to be able to autheticate to REST API through OpenID.

Is there any endpoint on OpenSearch that returns Bearer token?

I was able to generate correct token calling OpenID API passing client id and client password, but that’s not the point as I can’t give users such details.

I’m using OpenSearch 2.3.0.

Best regards,
Radek

@Radek The OpenSearch doesn’t have such an endpoint. The OpenID authentication with the OpenSearch cluster is done through OpenSearch Dashboards.

Hey Pablo,

I’ve checked and not only Dashboards accept Bearer tokens, OpenSearch REST API endpoints do it too. In such case I’ll write own endpoint then. Thanks for info.

BR,
R

@Radek The question was if OpenSearch has an endpoint that returns Bearer and not accepts.
So the answer is no to return and yes to accept. You can query IDP (i.e. Keycloak) to generate the Bearer and inject it as a header in your API requests to the OpenSearch cluster.