Integrate FusionAuth with Elastic Cloud
-
What
NameIdPolicyoptions does Kibana support? -
@robotdan said in Integrate FusionAuth with Elastic Cloud:
NameIdPolicy
By referring to this documentation https://www.elastic.co/guide/en/elasticsearch/reference/master/saml-guide-authentication.html#saml-attribute-mapping,
It's only mentioned nameid, nameid:persistent and friendlyName.
-
Likely the same issue as described here https://github.com/FusionAuth/fusionauth-issues/issues/522
-
Got it.
So, currently it's only support
urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddressfrom FusionAuth side, right? -
I believe that is correct.
https://github.com/FusionAuth/fusionauth-issues/issues/522#issuecomment-685851566
@dan do we have this limitation documented anywhere that you know of?
@vexana you can add a comment to that issue if you want to mention it also impacts integration with Elasticsearch SAML authentication.
If Elasticsearch supports OpenID Connect, that may be an option for you.
-
@robotdan no, we don't. I'll document that in the https://fusionauth.io/docs/v1/tech/reference/limitations/ section.
-
Looks like you can also integrate to elastic cloud using OIDC: https://discuss.elastic.co/t/elastic-cloud-integration-with-fusionauth/263323
-
@dan Yap, I am the same person asking about that. I am asking on the elastic forum about the OIDC.
Currently, still having a problem integrating it. (I'll update on here also if finding the solution).
-
@vexana It seems like you succeeded based on the last post. Is that the case?
-
@vexana succeeded, but had another question, so I forked the topic: https://fusionauth.io/community/forum/topic/811/mapping-fusionauth-roles-to-elasticsearch
