[Breaking change] New format for the authentication config #82113
Comments
azasypkin
added
Team:Security
|
Pinging @elastic/kibana-security (Team:Security) |
|
Pinging @elastic/es-ui (Team:Elasticsearch UI) |
|
Hi @azasypkin! I'm going to remove the |
alisonelizabeth
removed
the
Team:Kibana Management
|
Great, thanks for the update @alisonelizabeth ! |
exalate-issue-sync
bot
added
impact:low
exalate-issue-sync
bot
added
loe:medium
|
Closing as we have no immediate plans on removing the legacy configuration. We can open this back up if we plan on revisiting this decision |
exalate-issue-sync
bot
added
loe:small
|
xpack.security.public: Hello there, we had the above config in Kibana and they are deprecated. I have been reading this doc but it did not mention the change for this config. Can you help me? Thanks |
|
Hi @jhguo93, The GitHub issues are intended for bug reports, enhancement requests and etc. The question you have fits better for our Discuss forum, would you mind posting your question there instead? There much more users like you that can help and probably already solved the problem you have. But, in general, you don't need |
Change description
Which release will ship the breaking change?
8.0(Edit Joe 9/1/21: this is deprecated but we are not sure when we will get rid of it)Describe the change. How will it manifest to users?
In 8.0 we dropped support for
xpack.security.authProvidersandxpack.security.publicsettings and going to dropxpack.security.authc.{saml | oidc}.realmand remove support for the legacy array-based format forxpack.security.authc.providers. The reason is that we need to promote the new config format a bit more aggressively as it's required for lots of new features we ship or going to ship (e.g. Cloud SSO won't be enabled automatically if the old config format is used).If users continue to use the old settings then config validation will fail and Kibana won't start.
How many users will be affected?
Quite a lot. I still see people use 6.x format in the recent 7.x deployments.
What can users do to address the change manually?
Just migrate to a new format, we have a good explanation in our docs.
How could we make migration easier with the Upgrade Assistant?
It's easy to check if anything deprecated is used and how it should look like in the new format. We can either point users to the docs or even do the conversion job for them and provide a config snippet they should use instead.
Cross links
PR that droppedEdit Joe 9/1/21: this is not the correct PR, but: these have been removed in master, so we need to add them back in masterxpack.security.authProvidersandxpack.security.public.xpack.security.authc.providersThe text was updated successfully, but these errors were encountered: