Hello,
I want to be able to login to kibana either as a user authenticated via sso (openid, in my case), or as a local user (which i think opendistro calls ‘basic_internal_auth_domain’), but when I enable the sso authentication, all login requests goto my sso IdP, and so logging in as a local user is no longer possible.
How can I arrange for both kinds of users to be able to login?
Here’s the openid and basic_internal ‘authc’ sections of my opendistro config.yml:
authc:
basic_internal_auth_domain:
http_enabled: true
transport_enabled: true
order: 0
http_authenticator:
type: basic
challenge: true
authentication_backend:
type: intern
openid_auth_domain:
http_enabled: true
transport_enabled: true
order: 1
http_authenticator:
type: openid
challenge: false
config:
subject_key: preferred_username
roles_key: roles
openid_connect_url: https://login.microsoftonline.com/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/v2.0/.well-known/openid-configuration
authentication_backend:
type: noop