As a SAML authentication user for the Kibana UI, it would be useful to be able to configure Basic Authentication methods (LDAP/internal users) as a backup authentication method, both for testing purposes and for when we are experiencing SAML outages, so that we can still access the Kibana UI.
Right now, we are working on a redesign of the Kibana auth functionality; we also plan to give users the possibility to choose between several auth types during login. We expect the feature to be ready around April or May.
Issue #312 is pretty much exactly what I was envisioning. If you’re willing to take input from a user on this regarding this item:
Concept: Should we have shared routes for /login etc., or should we have all routes available for direct url access ( = skipping the auth selector page)
As an administrator, I would prefer to have the ability to specify the default login method (i.e., SAML) in order to have my users always bypass the selector page, and then have each route available individually, by URL. This could be accomplished by a redirect from the selector->individual URL method page, if the default is specified.
The reason for this is that our in-house preference is to always use SAML, but to also have basic authentication via LDAP or an internal application account as a backup method, in the event that SAML goes down, or for testing purposes.
Interesting point. We will certainly look at it.
Thank you for the suggestion!
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.