Is there a API request to get the tenant list of a particular user?

When asking questions, please provide the following information:

• Search Guard and Elasticsearch version - 6.6.0

• Installed and used enterprise modules, if any - no

• JVM version and operating system version - ubuntu 16, java8

• Search Guard configuration files

• Elasticsearch log messages on debug level

• Other installed Elasticsearch or Kibana plugins, if any

Hi, I have been trying to take the list of total tenant list for a particular user. Currently, it looks like a long short, I need to take the user details, then rolesmapping and then roles. Each and every request is a separate API call which creating a performance issue. Is there a API method to do this in a simple way?

No, that is not possible. A username alone is not sufficient to determine the backend roles and, based on them, ultimately the SG roles and the tenant list:

Imagine you use LDAP, JWT or SAML for authentication / authorization. The backend roles for a user are maintained in LDAP or a third-party identity provider. Without these backend roles (e.g. LDAP groups) you cannot say which Search Guard roles a user has. In other words, without performing authentication and authorization we do not have the backend roles, and thus cannot map the Search Guard roles. The scenario you probably want to implement would only be possible for the internal user database. Only in that case, all information about a user is stored inside Elasticsearch without any third-party IdP involved.