I have been working to setup SAML and am pretty much there, but my understanding is that you lose access to the internal ‘admin’ user, once it has been setup.
With ODFE 1.12.0 (docker), via SAML, I can login as my user and can see my AD group membership passed back as the Role in the SAML assertion. I am a member of the AD group grp_Elastic_Admins.
I can successfully map that backend role to various system and user defined roles, eg kibana_user, own_index and some other custom roles, but I want to map that backend role to the all_access role, so that being a member of grp_Elastic_Admins gives me the Security tab in Kibana (which is currently not visible).
I have the following config
all_access: reserved: false backend_roles: - "admin" - "grp_Elastic_Admins" description: "Maps admin to all_access"
I have tried reloading the config and rolesmapping via running securityadmin.sh but I cannot get kibana to recognise that I am mapped to the all_access role.
Am I missing something fundamental here, or going about this the wrong way? Happy to provide snippets of config if this will help.