-
Notifications
You must be signed in to change notification settings - Fork 8.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[7.x] Document authentication settings. (#69565)
Co-authored-by: Kaarina Tungseth <kaarina.tungseth@elastic.co> Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com>
- Loading branch information
1 parent
ea58554
commit 8ec8f33
Showing
8 changed files
with
192 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
[role="xpack"] | ||
[[xpack-security-access-agreement]] | ||
=== Access agreement | ||
|
||
Some work environments require you to acknowledge and accept an agreement before you can access {kib}, which can contain sensitive information. The agreement text supports Markdown format and can be specified using the `xpack.security.authc.providers.<provider-type>.<provider-name>.accessAgreement.message` setting. | ||
|
||
[NOTE] | ||
============================================================================ | ||
You need to acknowledge the access agreement only once per session, and {kib} reports the acknowledgement in the audit logs. | ||
============================================================================ | ||
|
||
Here is how your `kibana.yml` can look like if you define an access agreement: | ||
|
||
[source,yaml] | ||
-------------------------------------------------------------------------------- | ||
xpack.security.authc.providers: | ||
basic.basic1: | ||
order: 0 | ||
accessAgreement: | ||
message: "**You are accessing a system with a sensitive information** \n\n | ||
By logging in, you acknowledge that (shortened ...)" | ||
-------------------------------------------------------------------------------- | ||
|
||
When you authenticate using `basic.basic1`, you'll see the following agreement that you must acknowledge before you can access {kib}: | ||
|
||
[role="screenshot"] | ||
image::user/security/images/access-agreement.png["Access Agreement UI"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file not shown.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters