Where can I get exchange_key for SAML configuration in opensearch?

ravis85 · February 11, 2022, 10:00am

Hello,

I have installed opensearch on docker containers using docker-compose file and trying to setup SAML SSO using PingIdentity.

There is one parameter required for SAML SSO in opensearch, which is exchange_key. I don’t know what this exchange_key is and where can I get this key?

Is it needs to be generated on IdP side or I can generate it using online HMAC tool(Free Online HMAC Generator / Checker Tool (MD5, SHA-256, SHA-512) - FreeFormatter.com). Does this key has some relation with IdP ? If yes, how to map it with IdP

Could you please help me here?

Thanks

pablo · February 11, 2022, 10:50am

Hello @ravis85

As per documentation, the exchange_key is used to sign tokens by the security plugin. It should have at least 32 characters and is set only on the security plugin side.

ravis85 · February 11, 2022, 11:48am

Hi @pablo

Thanks for your reply.

So I can create the exchange_key using HMAC algorithm and use that key in config.yml file for SAML setup and it should work?

pablo · February 11, 2022, 2:17pm

@ravis85 That’s correct.

Topic		Replies	Views
Kibana SAML Integration Security	3	653	February 25, 2021
SamlConfigException: Could not find entity descriptor , in Docker, using Auth0 as IDP with SAML OpenSearch troubleshoot	0	606	June 17, 2022
Unable to configure SAML using IDP_Metadata File Security	12	436	February 21, 2023
Failing to configure SAML between OpenSearch and Keycloak Security configure	8	1233	February 28, 2023
Azure sso with saml issue OpenSearch troubleshoot	3	834	November 30, 2022

Where can I get exchange_key for SAML configuration in opensearch?

Related Topics