honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[DOCS] Adds intro for OIDC realm (#50485)

This commit is contained in:
Lisa Cawley 2019-12-30 07:03:38 -08:00 committed by lcawl
parent e7d5443bf5
commit 8869f2b9b2
2 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
x-pack/docs/en/security/authentication/index.asciidoc
View File

@ -8,6 +8,7 @@ include::active-directory-realm.asciidoc[]
include::file-realm.asciidoc[]
include::ldap-realm.asciidoc[]
include::native-realm.asciidoc[]
include::oidc-realm.asciidoc[]
include::pki-realm.asciidoc[]
include::saml-realm.asciidoc[]
include::kerberos-realm.asciidoc[]

19
x-pack/docs/en/security/authentication/oidc-realm.asciidoc Normal file
View File

@ -0,0 +1,19 @@
[role="xpack"]
[[oidc-realm]]
=== OpenID Connect authentication
The OpenID Connect realm enables {es} to serve as an OpenID Connect Relying
Party (RP) and provides single sign-on (SSO) support in {kib}.
It is specifically designed to support authentication via an interactive web
browser, so it does not operate as a standard authentication realm. Instead,
there are {kib} and {es} {security-features} that work together to enable
interactive OpenID Connect sessions.
This means that the OpenID Connect realm is not suitable for use by standard
REST clients. If you configure an OpenID Connect realm for use in {kib}, you
should also configure another realm, such as the <<native-realm, native realm>>
in your authentication chain.
In order to simplify the process of configuring OpenID Connect authentication
within the {stack}, there is a step-by-step guide: <<oidc-guide>>.