-
Notifications
You must be signed in to change notification settings - Fork 24.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OpenID Connect realm support #35339
Labels
>feature
Meta
:Security/Authentication
Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc)
v7.2.0
Comments
jkakavas
added
>feature
Meta
v7.0.0
:Security/Authentication
Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc)
labels
Nov 7, 2018
Pinging @elastic/es-security |
jkakavas
added a commit
that referenced
this issue
Jan 18, 2019
This commit adds * An OpenID Connect Realm definition * Necessary OpenID Connect Realm settings to support Authorization code grant and Implicit grant flows * Rest and Transport Action and Request/Response objects for initiating and completing the authentication flow * Functionality for generating OIDC Authentication Request URIs Unit tests Notably missing (to be handled in subsequent PRs): * The actual implementation of the authentication flows * Necessary JW{T,S,E} functionality Relates: #35339
jkakavas
added a commit
to jkakavas/elasticsearch
that referenced
this issue
Jan 20, 2019
This commit adds * An OpenID Connect Realm definition * Necessary OpenID Connect Realm settings to support Authorization code grant and Implicit grant flows * Rest and Transport Action and Request/Response objects for initiating and completing the authentication flow * Functionality for generating OIDC Authentication Request URIs Unit tests Notably missing (to be handled in subsequent PRs): * The actual implementation of the authentication flows * Necessary JW{T,S,E} functionality Relates: elastic#35339
Closed
Implemented in #40674 |
17 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
>feature
Meta
:Security/Authentication
Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc)
v7.2.0
This issue tracks the effort to offer an OpenID Connect authentication realm in Elasticsearch.
Relevant specifications:
Elasticsearch will implement and OpenID Connect Relying Party (RP). The initial idea is that this will be handled in a similar way to the SAML Authentication realm where
Tasks :
OP discoveryand static OP configurationJWS
andJWE
supportuserinfo
endpointSubmit request for the OpenID Foundation conformance certificationSupport dynamic registration with an OPThe text was updated successfully, but these errors were encountered: