Failed to get subject from JWT claims - OpenID

Hello everyone,

I receive the following error with OpenID (Azure) configuration :

opensearch-node1         | [2021-08-12T00:21:27,615][WARN ][c.a.d.a.h.j.AbstractHTTPJwtAuthenticator] [opensearch-node1] Failed to get subject from JWT claims, check if subject_key 'preferred_username' is correct.
opensearch-node1         | [2021-08-12T00:21:27,615][ERROR][c.a.d.a.h.j.AbstractHTTPJwtAuthenticator] [opensearch-node1] No subject found in JWT token
opensearch-node1         | [2021-08-12T00:21:27,616][WARN ][o.o.s.h.HTTPBasicAuthenticator] [opensearch-node1] No 'Basic Authorization' header, send 401 and 'WWW-Authenticate Basic'
opensearch-dashboards    | {"type":"log","@timestamp":"2021-08-12T00:21:27Z","tags":["error","plugins","securityDashboards"],"pid":1,"message":"OpenId authentication failed: Error: Authentication Exception"}

config.yml

      openid_auth_domain:
        http_enabled: true
        transport_enabled: false
        order: 0
        http_authenticator:
          type: openid
          challenge: false
          config:
            subject_key: preferred_username
            roles_key: roles
            openid_connect_url: https://login.microsoftonline.com/----/v2.0/.well-known/openid-configuration
        authentication_backend:
          type: noop

opensearch-dashboard.yml

opensearch_security.auth.type: "openid"
opensearch_security.openid.connect_url: "https://login.microsoftonline.com/----/v2.0/.well-known/openid-configuration"
opensearch_security.openid.client_id: "------------------------"
opensearch_security.openid.client_secret: "------------"
opensearch_security.openid.scope: "openid"
opensearch_security.openid.base_redirect_url: "http://localhost:5601"

@rtarek I would recommend to raise a ticket using below link to expose the JWT created from oidc. As currently there doesn’t appear to be a way to view the created JWT, which would help in your case.

opensearch-dashboards | {“type”:“log”,"@timestamp":“2021-08-12T00:21:27Z”,“tags”:[“error”,“plugins”,“securityDashboards”],“pid”:1,“message”:“OpenId authentication failed: Error: Authentication Exception”}

Same issue , could someone help on this issue