Skip to content
This repository has been archived by the owner on Jan 29, 2024. It is now read-only.

Commit

Permalink
OpenSearch - Update Advanced parameters
Browse files Browse the repository at this point in the history
  • Loading branch information
web-flow authored Aug 15, 2023
1 parent e24dd0b commit 5e9563d
Showing 1 changed file with 85 additions and 5 deletions.
90 changes: 85 additions & 5 deletions includes/config-opensearch.rst
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
..
``additional_backup_regions``
-----------------------------
*array*

**Additional Cloud Regions for Backup Replication**
``additional_backup_regions``
-----------------------------
*array*

**Additional Cloud Regions for Backup Replication**



Expand Down Expand Up @@ -97,6 +97,86 @@



``openid``
----------
*object*

**OpenSearch OpenID Connect Configuration**

``enabled``
~~~~~~~~~~~
*boolean*

**Enable or disable OpenSearch OpenID Connect authentication** Enables or disables OpenID Connect authentication for OpenSearch. When enabled, users can authenticate using OpenID Connect with an Identity Provider.

``connect_url``
~~~~~~~~~~~~~~~
*string*

**OpenID Connect metadata/configuration URL** The URL of your IdP where the Security plugin can find the OpenID Connect metadata/configuration settings.

``roles_key``
~~~~~~~~~~~~~
*['string', 'null']*

**The key in the JSON payload that stores the user’s roles** The key in the JSON payload that stores the user’s roles. The value of this key must be a comma-separated list of roles. Required only if you want to use roles in the JWT

``subject_key``
~~~~~~~~~~~~~~~
*['string', 'null']*

**The key in the JSON payload that stores the user’s name** The key in the JSON payload that stores the user’s name. If not defined, the subject registered claim is used. Most IdP providers use the preferred_username claim. Optional.

``jwt_header``
~~~~~~~~~~~~~~
*['string', 'null']*

**The HTTP header that stores the token** The HTTP header that stores the token. Typically the Authorization header with the Bearer schema: Authorization: Bearer <token>. Optional. Default is Authorization.

``jwt_url_parameter``
~~~~~~~~~~~~~~~~~~~~~
*['string', 'null']*

**URL JWT token.** If the token is not transmitted in the HTTP header, but as an URL parameter, define the name of the parameter here. Optional.

``refresh_rate_limit_count``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
*['integer', 'null']*

**The maximum number of unknown key IDs in the time frame** The maximum number of unknown key IDs in the time frame. Default is 10. Optional.

``refresh_rate_limit_time_window_ms``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
*['integer', 'null']*

**The time frame to use when checking the maximum number of unknown key IDs, in milliseconds** The time frame to use when checking the maximum number of unknown key IDs, in milliseconds. Optional.Default is 10000 (10 seconds).

``client_id``
~~~~~~~~~~~~~
*string*

**The ID of the OpenID Connect client** The ID of the OpenID Connect client configured in your IdP. Required.

``client_secret``
~~~~~~~~~~~~~~~~~
*string*

**The client secret of the OpenID Connect** The client secret of the OpenID Connect client configured in your IdP. Required.

``scope``
~~~~~~~~~
*string*

**The scope of the identity token issued by the IdP** The scope of the identity token issued by the IdP. Optional. Default is openid profile email address phone.

``header``
~~~~~~~~~~
*string*

**HTTP header name of the JWT token** HTTP header name of the JWT token. Optional. Default is Authorization.



``index_patterns``
------------------
*array*
Expand Down

0 comments on commit 5e9563d

Please sign in to comment.