Hello, I’m having issues configuring SAML with Azure IDP. It was working before, but it broke after upgrading my stack from 7.6.1 to 7.10.2. Now I can’t get it to work. Here is my saml config:
saml_auth_domain:
  http_enabled: true
  order: 1
  http_authenticator:
    type: saml
    challenge: true
    config:
      idp:
        metadata_url: https://login.microsoftonline.com/026419...9bd3-5ae9a9aa02fa/federationmetadata/2007-06/federationmetadata.xml?appid=2531...b141
        entity_id: https://sts.windows.net/0264190...aa02fa/
      sp:
        entity_id: kib-saml
      kibana_url: https://C04-KIB801-01:5601/
      roles_key: "Role"
      exchange_key: bdaaa...165754
  authentication_backend:
    type: noop
Applying the config is successful, but I get the following error in the logs:
[2022-06-21T11:45:46,575][ERROR][o.o.s.m.r.i.AbstractReloadingMetadataResolver] [C04-ELS801-01] Metadata Resolver SamlFilesystemMetadataResolver com.amazon.dlic.auth.http.saml.HTTPSamlAuthenticator_9: Error occurred while attempting to refresh metadata from '/etc/elasticsearch/https:/login.microsoftonline.com/0264...a02fa/federationmetadata/2007-06/federationmetadata.xml?appid=253126ae-3...bb141'
[2022-06-21T11:45:46,576][INFO ][o.o.s.m.r.i.AbstractReloadingMetadataResolver] [C04-ELS801-01] Metadata Resolver SamlFilesystemMetadataResolver com.amazon.dlic.auth.http.saml.HTTPSamlAuthenticator_9: Next refresh cycle for metadata provider '/etc/elasticsearch/https:/login.microsoftonline.com/02641...02fa/federationmetadata/2007-06/federationmetadata.xml?appid=253126...b141' will occur on '2022-06-21T15:50:46.575Z' ('2022-06-21T11:50:46.575-04:00' local time)
What I find odd is /etc/elasticsearch/https:/login.microsoftonline.com. Does anyone have any idea?
Thank you,