Disabling multiple logins #27247
Labels
enhancement
New value added to drive a business result
Feature:Security/Authentication
Platform Security - Authentication
Team:Security
Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more!
Comments
kobelb
added
discuss
Team:Security
|
Pinging @elastic/kibana-security |
|
It would be great that all open kibana sessions get a message when a new session is started under the same userid. Another wish is to make this configurable with on/off. |
|
@bpcvdhelm are you all using the native realm to auth in ES/Kibana? |
|
@kobelb: We are using the ldap realm to authenticate users. |
|
Any updates on this thread? |
|
@gulnadaf no update at the moment, is it safe to assume that this is something that you too would like to take advantage of and you're using the native realm as well? |
azasypkin
added
the
Feature:Security/Authentication
|
Closing in favor of #18162 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Some users would like a way to disable multiple logins to Kibana as a security feature, and alert users when a login attempt occurs on another computer.
This feels like a feature that an IdM/IdP would implement, and not something that we should be adding to Kibana. We've generally pushed back on similar features being added to ES, so we might want to take a similar stance here.
I'm opening this issue to discuss further, and gauge interest in a feature like this. There are likely users taking advantage of the current behavior, so this isn't something that we'd likely want to opt-into by default.
The text was updated successfully, but these errors were encountered: