The SAML integration with OKTA doesn’t seem to be working. I keep getting redirected to
customerror?type=samlConfigError#?_g=() or to this
I have enabled debug logging on the Elasticsearch machine, but the request doesn’t seem to reach the ES machine.
Kibana is running on a different server, and the
kibana_url added in the OKTA app is being proxy passed through an nginx machine.
Here is the
```yaml
saml:
  enabled: true
  order: 1
  http_authenticator:
    type: saml
    challenge: true
    config:
      idp:
        metadata_file: metadata.xml
        entity_id: http://www.okta.com/3jnkj3nlwj3nlekn3lkn2
      sp:
        entity_id: kibana-saml
      roles_key: 'Roles'
      kibana_url: https://kibana-node-1:5601
      exchange_key: 'asd4nlksanflkanl3k2nlknlk'
  authentication_backend:
    type: noop
```
In the kibana.yml I have added these two blocks as well.
```yaml
opendistro_security.auth.type: "saml"
server.xsrf.whitelist: ["/_opendistro/_security/saml/acs", "/_opendistro/_security/saml/logout"]
```
Nothing in the logs is helpful; the requests do go as far as the Kibana machine, but nothing after that.