No permissions for [cluster:admin:searchguard:authtoken/_own/search

Kosmonafft · July 11, 2022, 10:03am

Hi folks,

I have a user who wants to see his logs. He is logged in via openid and has correct backend roles configured and mapped to search guard roles. If I map my testuser to this roles I see all logs as expected. If the user does the same he sees nothing in Discovery and in the browser console one can observe following error:

{"statusCode": 403,"error": "Forbidden","message": "security_exception: [security_exception] Reason: no permissions for [cluster:admin:searchguard:authtoken/_own/search]

What permissions I need to set in the Role to get rid of this permissions error?

Thanks

pablo · July 14, 2022, 12:46pm

@Kosmonafft Could you share your config.yml, roles.yml and roles_mapping.yml files?
Does your regular user connect to the same tenant as testuser?

system · August 4, 2022, 12:47pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
no permissions for [cluster:monitor/main] Search Guard	23	11948	July 3, 2019
Permissions issue for tenant X Search Guard	12	453	April 25, 2022
Starter Question Search Guard	2	316	August 29, 2018
No permission in version 7.2 Search Guard	6	1465	August 7, 2019
Discover: no permissions for [indices:data/read/search] and User [name=user, roles=[]] Search Guard	0	924	January 16, 2019

No permissions for [cluster:admin:searchguard:authtoken/_own/search

Related Topics