I think you’re making progress because its no longer giving you a “An error occurred during initialisation, please check the logs” error. Additionally, its no longer failing on Basic Auth, but attempting to perform the OpenID Connect flow.
So this is good. Now you should be seeing more details in /var/log/elasticsearch/spartanlync-cluster.log because the elasticsearch backend is now communicating (and failing with your IDP provider). Make sure the debug settings are enabled in /etc/elasticsearch/log4j2.properties. Like a mentioned before…clear your logs first b4 attempting a login. then examine the logs after your get the “ Authentication finally failed”. You should be seeing the reason for failure in elasticsearch log.
I certainly did when I got that error message. For me the reason was elasticsearch was failing while trying to fetch the Auth token from IDP with URL
https://my.IDP.com:8443/auth/realms/myrealm/.well-known/openid-configuration, because my cert file did not include root/intermediate certs in the chain, as explained earlier. Your reason might be different. Send a full dump of that log as i mentioned including everything during kibana auth.
At this point you are also verifying your IDP setting. Make sure your IDP configuration has Valid Redirect URIs set to the following URLs:
https://my.domain.com:5601/auth/openid/login
https://my.domain.com:5601
https://my.domain.com:5601/app/kibana