Elasticsearch logs have no errors, maybe I have to configure debug logging. Kibana shows these messages:
{"type":"log","@timestamp":"2021-02-23T16:59:15Z","tags":["error","elasticsearch","data"],"pid":7,"message":"[ResponseError]: Response Error"}
{"type":"log","@timestamp":"2021-02-23T16:59:15Z","tags":["error","plugins","searchguard","searchguard-multitenancy"],"pid":7,"message":"Multitenancy: Could not get authinfo AuthenticationError: Response Error"}
{"type":"response","@timestamp":"2021-02-23T16:59:15Z","tags":[],"pid":7,"method":"get","statusCode":302,"req":{"url":"/","method":"get","headers":{"host":"my-kibana-url","x-request-id":"7caae32007248ac2af47362113bbce3b","x-real-ip":"X.X.X.X","x-forwarded-for":"X.X.X.X","x-forwarded-host":"my-kibana-url","x-forwarded-port":"80","x-forwarded-proto":"http","x-original-uri":"/","x-scheme":"http","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 Edg/88.0.705.74","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9","accept-encoding":"gzip, deflate","accept-language":"es,es-ES;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6"},"remoteAddress":"10.1.64.202","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 Edg/88.0.705.74"},"res":{"statusCode":302,"responseTime":37,"contentLength":9},"message":"GET / 302 37ms - 9.0B"}
{"type":"log","@timestamp":"2021-02-23T16:59:15Z","tags":["error","elasticsearch","data"],"pid":7,"message":"[ResponseError]: Response Error"}
{"type":"response","@timestamp":"2021-02-23T16:59:15Z","tags":[],"pid":7,"method":"get","statusCode":302,"req":{"url":"/auth/saml/login?nextUrl=%2F","method":"get","headers":{"host":"my-kibana-url","x-request-id":"41c7ad6acf5f90d94d511e8a9515c427","x-real-ip":"X.X.X.X","x-forwarded-for":"X.X.X.X","x-forwarded-host":"my-kibana-url","x-forwarded-port":"80","x-forwarded-proto":"http","x-original-uri":"/auth/saml/login?nextUrl=%2F","x-scheme":"http","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 Edg/88.0.705.74","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9","accept-encoding":"gzip, deflate","accept-language":"es,es-ES;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6"},"remoteAddress":"10.1.64.202","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 Edg/88.0.705.74"},"res":{"statusCode":302,"responseTime":15,"contentLength":9},"message":"GET /auth/saml/login?nextUrl=%2F 302 15ms - 9.0B"}
{"type":"log","@timestamp":"2021-02-23T17:00:50Z","tags":["error","elasticsearch","data"],"pid":7,"message":"[ResponseError]: Response Error"}
{"type":"log","@timestamp":"2021-02-23T17:00:50Z","tags":["error","plugins","searchguard","searchguard-multitenancy"],"pid":7,"message":"Multitenancy: Could not get authinfo AuthenticationError: Response Error"}
{"type":"response","@timestamp":"2021-02-23T17:00:50Z","tags":[],"pid":7,"method":"get","statusCode":302,"req":{"url":"/app/kibana","method":"get","headers":{"host":"my-kibana-url","x-request-id":"5706c672d5e6c4f623f0320a503121af","x-real-ip":"X.X.X.X","x-forwarded-for":"X.X.X.X","x-forwarded-host":"my-kibana-url","x-forwarded-port":"80","x-forwarded-proto":"http","x-original-uri":"/app/kibana","x-scheme":"http","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:85.0) Gecko/20100101 Firefox/85.0","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8","accept-language":"es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3","accept-encoding":"gzip, deflate","upgrade-insecure-requests":"1"},"remoteAddress":"10.1.64.202","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:85.0) Gecko/20100101 Firefox/85.0"},"res":{"statusCode":302,"responseTime":17,"contentLength":9},"message":"GET /app/kibana 302 17ms - 9.0B"}
{"type":"log","@timestamp":"2021-02-23T17:00:50Z","tags":["error","elasticsearch","data"],"pid":7,"message":"[ResponseError]: Response Error"}
{"type":"response","@timestamp":"2021-02-23T17:00:50Z","tags":[],"pid":7,"method":"get","statusCode":302,"req":{"url":"/auth/saml/login?nextUrl=%2Fapp%2Fkibana","method":"get","headers":{"host":"my-kibana-url","x-request-id":"fff80ae5695b7051d15bb335b1e8c849","x-real-ip":"X.X.X.X","x-forwarded-for":"X.X.X.X","x-forwarded-host":"my-kibana-url","x-forwarded-port":"80","x-forwarded-proto":"http","x-original-uri":"/auth/saml/login?nextUrl=%2Fapp%2Fkibana","x-scheme":"http","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:85.0) Gecko/20100101 Firefox/85.0","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8","accept-language":"es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3","accept-encoding":"gzip, deflate","upgrade-insecure-requests":"1"},"remoteAddress":"10.1.64.202","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:85.0) Gecko/20100101 Firefox/85.0"},"res":{"statusCode":302,"responseTime":55,"contentLength":9},"message":"GET /auth/saml/login?nextUrl=%2Fapp%2Fkibana 302 55ms - 9.0B"}
{"type":"log","@timestamp":"2021-02-23T17:00:54Z","tags":["error","plugins","searchguard","searchguard-auth"],"pid":7,"message":"SAML auth, failed to authorize: Error: The session cookie is absent.\n at router.post (/usr/share/kibana/plugins/searchguard/server/applications/searchguard/auth/types/saml/routes.js:131:17)\n at process._tickCallback (internal/process/next_tick.js:68:7)"}
{"type":"response","@timestamp":"2021-02-23T17:00:54Z","tags":[],"pid":7,"method":"post","statusCode":302,"req":{"url":"/searchguard/saml/acs","method":"post","headers":{"host":"my-kibana-url","x-request-id":"cc4c4f7769af90d63630bff7961ddbf5","x-real-ip":"X.X.X.X","x-forwarded-for":"X.X.X.X","x-forwarded-host":"my-kibana-url","x-forwarded-port":"80","x-forwarded-proto":"http","x-original-uri":"/searchguard/saml/acs","x-scheme":"http","content-length":"9795","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:85.0) Gecko/20100101 Firefox/85.0","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8","accept-language":"es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3","accept-encoding":"gzip, deflate","content-type":"application/x-www-form-urlencoded","origin":"null","upgrade-insecure-requests":"1"},"remoteAddress":"10.1.64.202","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:85.0) Gecko/20100101 Firefox/85.0"},"res":{"statusCode":302,"responseTime":43,"contentLength":9},"message":"POST /searchguard/saml/acs 302 43ms - 9.0B"}
{"type":"response","@timestamp":"2021-02-23T17:00:54Z","tags":[],"pid":7,"method":"get","statusCode":200,"req":{"url":"/customerror?type=samlAuthError","method":"get","headers":{"host":"my-kibana-url","x-request-id":"e49216fe8a4f52bffc9c6757eeab38ec","x-real-ip":"X.X.X.X","x-forwarded-for":"X.X.X.X","x-forwarded-host":"my-kibana-url","x-forwarded-port":"80","x-forwarded-proto":"http","x-original-uri":"/customerror?type=samlAuthError","x-scheme":"http","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:85.0) Gecko/20100101 Firefox/85.0","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8","accept-language":"es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3","accept-encoding":"gzip, deflate","upgrade-insecure-requests":"1"},"remoteAddress":"10.1.64.202","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:85.0) Gecko/20100101 Firefox/85.0"},"res":{"statusCode":200,"responseTime":161,"contentLength":9},"message":"GET /customerror?type=samlAuthError 200 161ms - 9.0B"}