Keycloak kibana openid 401

Authentication failed

Please provide a new token.

/etc/kibana/kibana.yml

opendistro_security.auth.type: “openid”
opendistro_security.openid.connect_url: “http://192.168.1.23:8080/auth/realms/demo/.well-known/openid-configuration
opendistro_security.openid.client_id: “postman”
opendistro_security.openid.client_secret: “13e8d785-8e1b-4b0f-969a-cf9e0337e8a3”

elasticsearch.hosts: https://localhost:9200
elasticsearch.username: “kibanaserver”
elasticsearch.password: “kibanaserver”
elasticsearch.ssl.verificationMode: none
elasticsearch.requestHeadersWhitelist: [“Authorization”, “security_tenant”]

elastic.log

19-10-05T11:53:28,337][DEBUG][c.a.o.s.p.PrivilegesEvaluator] [Master home] Result from privileges interceptor for cluster perm: null
[2019-10-05T11:53:28,337][DEBUG][c.a.o.s.p.PrivilegesEvaluator] [Master home] Allowed because we have cluster permissions for cluster:monitor/nodes/info
[2019-10-05T11:53:28,338][DEBUG][c.a.o.s.f.OpenDistroSecurityFilter] [Master home] PrivEvalResponse [allowed=true, missingPrivileges=, allowedFlsFields=null, maskedFields=null, queries=null]
[2019-10-05T11:53:29,594][DEBUG][i.n.h.s.SslHandler ] [Master home] [id: 0x55803c6a, L:/127.0.0.1:9200 - R:/127.0.0.1:37088] HANDSHAKEN: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
[2019-10-05T11:53:29,595][DEBUG][c.a.o.s.a.BackendRegistry] [Master home] Check authdomain for rest internal/4 or 1 in total
[2019-10-05T11:53:29,595][WARN ][c.a.o.s.h.HTTPBasicAuthenticator] [Master home] No ‘Basic Authorization’ header, send 401 and ‘WWW-Authenticate Basic’
[2019-10-05T11:53:29,611][DEBUG][i.n.h.s.SslHandler ] [Master home] [id: 0xa65305a8, L:/127.0.0.1:9200 - R:/127.0.0.1:37086] HANDSHAKEN: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
[2019-10-05T11:53:29,622][DEBUG][c.a.o.s.a.BackendRegistry] [Master home] Check authdomain for rest internal/4 or 1 in total
[2019-10-05T11:53:29,622][WARN ][c.a.o.s.h.HTTPBasicAuthenticator] [Master home] No ‘Basic Authorization’ header, send 401 and ‘WWW-Authenticate Basic’
[2019-10-05T11:53:30,846][DEBUG][c.a.o.s.a.BackendRegistry] [Master home] Check authdomain for rest internal/4 or 1 in total
[2019-10-05T11:53:30,847][DEBUG][c.a.o.s.a.BackendRegistry] [Master home] Rest user ‘User [name=kibanaserver, roles=, requestedTenant=null]’ is authenticated
[2019-10-05T11:53:30,847][DEBUG][c.a.o.s.a.BackendRegistry] [Master home] securitytenant ‘null’
[2019-10-05T11:53:30,847][DEBUG][c.a.o.s.p.PrivilegesEvaluator] [Master home] ### evaluate permissions for User [name=kibanaserver, roles=, requestedTenant=null] on Master home
[2019-10-05T11:53:30,847][DEBUG][c.a.o.s.p.PrivilegesEvaluator] [Master home] action: cluster:monitor/nodes/info (NodesInfoRequest)
[2019-10-05T11:53:30,847][DEBUG][c.a.o.s.r.IndexResolverReplacer] [Master home] Resolve aliases, indices and types from NodesInfoRequest
[2019-10-05T11:53:30,847][DEBUG][c.a.o.s.p.PrivilegesEvaluator] [Master home] requestedResolved : Resolved [aliases=[], indices=[], allIndices=[], types=[], originalRequested=, remoteIndices=]
[2019-10-05T11:53:30,848][DEBUG][c.a.o.s.c.PrivilegesInterceptorImpl] [Master home] raw requestedTenant: ‘null’
[2019-10-05T11:53:30,848][DEBUG][c.a.o.s.p.PrivilegesEvaluator] [Master home] Result from privileges interceptor for cluster perm: null
[2019-10-05T11:53:30,848][DEBUG][c.a.o.s.p.PrivilegesEvaluator] [Master home] Allowed because we have cluster permissions for cluster:monitor/nodes/info
[2019-10-05T11:53:30,848][DEBUG][c.a.o.s.f.OpenDistroSecurityFilter] [Master home] PrivEvalResponse [allowed=true, missingPrivileges=, allowedFlsFields=null, maskedFields=null, queries=null]
[2019-10-05T11:53:33,361][DEBUG][c.a.o.s.a.BackendRegistry] [Master home] Check authdomain for rest internal/4 or 1 in total
[2019-10-05T11:53:33,361][DEBUG][c.a.o.s.a.BackendRegistry] [Master home] Rest user ‘User [name=kibanaserver, roles=, requestedTenant=null]’ is authenticated
[2019-10-05T11:53:33,362][DEBUG][c.a.o.s.a.BackendRegistry] [Master home] securitytenant ‘null’

jjwt

eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJUQUlReUNpVmloUG9pVXlBZWFJM3Zmbkl0T3IwdGV6eWNHUmhwNEdRSkc4In0.eyJqdGkiOiI2ODQ3MzJlZC04OWM4LTQ2MTYtYTQ2ZC0yMjVmZjM5YjdhYjgiLCJleHAiOjE1NzAyNjYyNTUsIm5iZiI6MCwiaWF0IjoxNTcwMjY1OTU1LCJpc3MiOiJodHRwOi8vMTkyLjE2OC4xLjIzOjgwODAvYXV0aC9yZWFsbXMvZGVtbyIsImF1ZCI6ImFjY291bnQiLCJzdWIiOiIwYmU2NjNmMi0yMTYzLTRmZTItOGQwZi1iNDcwYjA3ZjFmYjQiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJwb3N0bWFuIiwiYXV0aF90aW1lIjoxNTcwMjY1ODcwLCJzZXNzaW9uX3N0YXRlIjoiOWIyYTE2ZWMtODBmZS00ZjkxLTliNzMtZTg1MjA4ODQ3MDA3IiwiYWNyIjoiMCIsImFsbG93ZWQtb3JpZ2lucyI6WyIqLyoiXSwicmVhbG1fYWNjZXNzIjp7InJvbGVzIjpbIm9mZmxpbmVfYWNjZXNzIiwidW1hX2F1dGhvcml6YXRpb24iXX0sInJlc291cmNlX2FjY2VzcyI6eyJhY2NvdW50Ijp7InJvbGVzIjpbIm1hbmFnZS1hY2NvdW50IiwibWFuYWdlLWFjY291bnQtbGlua3MiLCJ2aWV3LXByb2ZpbGUiXX19LCJzY29wZSI6Im9wZW5pZCBlbWFpbCBwcm9maWxlIiwicm9sZSI6ImFkbWluIiwiZW1haWxfdmVyaWZpZWQiOmZhbHNlLCJyb2xlcyI6ImFkbWluIiwibmFtZSI6InRlIHRlIiwicHJlZmVycmVkX3VzZXJuYW1lIjoidGUiLCJnaXZlbl9uYW1lIjoidGUiLCJmYW1pbHlfbmFtZSI6InRlIiwiZW1haWwiOiJ0ZUB0ZXN0LmNvbSJ9.PbnVoXapKjSG6PzIy8_CeKe0BrQc3i5jPkuNfbEEqG3iUWAuWe7AtpK6GR1Z1LY0E7K4qbfe45GT4qj3d2OpG0c2zysMcg5DsMNHBFO6Rbj-nqm3ImO2Ym_7Fs0ihCR_gcYaTXLArNqqcAnPVllPc12FFlKf0NFVouf6amwhFZDiB5iKK2rlZsNLvDc9Gy3w2Kik3Tp6IUSTbKTobCw5QWklEI5wYELLuP6gE8pcWHq9Ra2mgndsZF9NkHzPhNX5mlDwZBnR4gKYJEHqnrnDdu4jO18LmzapcyYK9b_xkzw9XADstB8U_BK1jD_zxL51AzVL4JXHIXK12P0l9Y59Zg

{
“jti”: “50922b90-a3aa-4207-9a98-3c86de9f0157”,
“exp”: 1572826286,
“nbf”: 0,
“iat”: 1572825986,
“iss”: “http://192.168.1.23:8080/auth/realms/demo”,
“aud”: “account”,
“sub”: “0be663f2-2163-4fe2-8d0f-b470b07f1fb4”,
“typ”: “Bearer”,
“azp”: “postman”,
“auth_time”: 1572825974,
“session_state”: “6d492d94-f78c-431b-95be-67f73a1314ad”,
“acr”: “0”,
“allowed-origins”: [
/
],
“realm_access”: {
“roles”: [
“offline_access”,
“uma_authorization”
]
},
“resource_access”: {
“account”: {
“roles”: [
“manage-account”,
“manage-account-links”,
“view-profile”
]
}
},
“scope”: “openid email profile”,
“role”: “kibana_read_only”,
“email_verified”: false,
“roles”: “kibana_read_only”,
“name”: “te te”,
“preferred_username”: “te”,
“given_name”: “te”,
“family_name”: “te”,
“email”: “te@test.com
}

Facing this issue , can anybody help me
https://stackoverflow.com/questions/60622018/opendistro-throwing-an-error-on-accepting-a-jwt-token-from-keycloak