Enhance docs on authorization realms #53839
Labels
>docs
General docs changes
>enhancement
:Security/Authentication
Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc)
Team:Security
Meta label for security team
Comments
jkakavas
added
>enhancement
>docs
|
Pinging @elastic/es-security (:Security/Authentication) |
|
Pinging @elastic/es-docs (>docs) |
rjernst
added
Team:Docs
|
We have a rough explanation for this under We could copy that text, but perhaps we need a section that explains "looking up users by principal" and link to it from both run-as and authz delegation. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In configuring-authorization-delegation.asciidoc, instead of examples we could have a section for each realm that can act as an authorization realm with the necessary configuration and caveats
i.e. The fact that LDAP and AD realms need to be configured with a
bind_dnuser is implied in other parts of the documentation where we say that only realms that support lookup can be used as authorization realms but it might not be obvious to make the connection that an LDAP/AD realm needs the bind_dn user in order to perform lookups.The text was updated successfully, but these errors were encountered: