Create role mapping
PUT _opendistro/_security/api/rolesmapping/indexA
{
“backendroles” : [ “indexA” ],
“users” : [ “userA” ]
}
This works just fine, my user can’t do anything else but the specified in the role.
But somethings are unclear to me, why I need to do the role mapping, if someone could help me to understand the diference of a role, role maping, and backend role.
I would also like a good document reference to learn about this concepts
Backend roles are used when you have backend configured for authentication (LDAP, SAML, OpenID etc.)
When user is authenticated the IDP send backend roles information.
Backend roles are mapped to roles in security module to allow access functions and resources of ODFE stack.