Error creating elasticsearch data source with authentication

how to solve this error when creating elasticsearch data source with authentication

Elasticsearch error: Authentication to data source failed

LOG
t=2022-03-14T14:28:25-0300 lvl=eror msg=“failed to get OAuth connector” logger=oauthtoken provider=ldap error=“failed to find oauth provider for “ldap””
t=2022-03-14T14:28:25-0300 lvl=info msg=“Authentication to data source failed” logger=data-proxy-log userId=2021 orgId=179 uname=“Vieira” path=/api/datasources/proxy/1243/openbus_search_apigee_logs_br/_mapping remote_addr=180.161.7.248
referer=http://srvteste.dcbr01.corp:3000/datasources/edit/0 body=“��1k�@
��ʡ�!-t(�
\t�K�6�Cl�����*� ����ܡ]��=I��=�@́���CP�0\tAy�A���^'K7GQ}�&�,J��[�I;�;\�1]�{1�������0}%5�m�4^�X!d�Y��%�}h�^xk�1�6�^��]UU��/e�r.�î�iZ�q�������y�!G2��w���\t�ei�x��I�|zx\���v��” statusCode=401
t=2022-03-14T14:28:25-0300 lvl=info msg=“Request Completed” logger=context userId=2021 orgId=179 uname=“Vieira” method=GET path=/api/datasources/proxy/1243/openbus_search_apigee_logs_br/_mapping status=400 remote_addr=180.161.7.248 time_ms=27 size=36 referer=http://srvteste.dcbr01.corp:3000/datasources/edit/0

welcome to the community @deo10!

Thank you for sharing the error you’re seeing, it would help the community to also see how you’re configuring authentication - of course, you’ll want to obscure any sensitive data like passwords.

Hi melori,

I work with deo10 in the same team and as he said, we are facing this issue which didn’t work neither grafana 6.4.4 nor 8.4.3

I’ve configured a filter level to ldap:debug and I’ve got the following log when I tried to add a datasource (I’ve change the internal addresses for safety reason):

logger=datasources t=2022-03-17T17:47:45.14-0300 lvl=dbug msg=“Received command to update data source” url=https://<datasource_address>:9243
logger=datasource t=2022-03-17T17:47:45.14-0300 lvl=dbug msg=“Applying default URL parsing for this data source type” type=elasticsearch url=https://<datasource_address>::9243
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=accesscontrol enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=accesscontrol.enforcement enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=admin enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=analytics enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=analytics.writers enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=auditing enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=caching enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=caching.api enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=caching.queries enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=caching.resources enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=config.vault enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=dspermissions enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=dspermissions.enforcement enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=encryption.aesgcm enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=enterprise.plugins enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=kms.encryption enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=ldapdebug enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=ldapsync enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=provisioning enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=recordedqueries enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=reports enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=reports.creation enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=reports.email enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=reports.pdf enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=saml enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=teamsync enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=teamgroupsync enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=userlimits enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.16-0300 lvl=dbug msg=FeatureEnabled feature=whitelabeling enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=token t=2022-03-17T17:47:45.2-0300 lvl=dbug msg=FeatureEnabled feature=dspermissions.enforcement enabled=false licenseStatus=NotFound hasLicense=false hasValidLicense=false products=“unsupported value type”
logger=datasources t=2022-03-17T17:47:45.2-0300 lvl=dbug msg=“Querying for data source via SQL store” id=1243 orgId=179
logger=datasource t=2022-03-17T17:47:45.2-0300 lvl=dbug msg=“Applying default URL parsing for this data source type” type=elasticsearch url=https://<datasource_address>:9243
logger=data-proxy-log userId=3572 orgId=179 uname=“Rafael Chuvalski Starbulov” path=/api/datasources/proxy/1243//mapping remote_addr=<ip_address> referer=http://<server_address>:3000/datasources/edit/0 t=2022-03-17T17:47:45.24-0300 lvl=info msg=“Authentication to data source failed” body="\u001f\ufffd\u0008\u0000\u0000\u0000\u0000\u0000\u0000\u0000䏱j\ufffd@\u000c\ufffd\ufffd\ufffdX\u001c\ufffdB\ufffdb\ufffd\ufffd@\ufffdtkS<\ufffd\ufffdP/\ufffd}\ufffd\ufffd\ufffd\u000eb\ufffd\ufffd=\ufffd\u000e\ufffd\ufffd7\ufffd\ufffdK\ufffd\ufffd\ufffd4\u00031\u0007\ufffdr\u0006\u000eA\ufffd\ufffd$\u0004\ufffdq\u0006\ufffdb\u000e \ufffd\u0012{\ufffd,\ufffd\u001dE\ufffda\ufffd\u0002\ufffdPr(a\ufffd\"~l\r&\ufffdhT\ufffdpm\u0018\ufffdtZG\ufffd\ufffd|\u00076\ufffd/\u001f\u0007\ufffd\ufffd\ufffdH\ufffd\u001c\ufffd_l1\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\u001d0ƌi2\ufffd#<ѯOUU\ufffd\ufffd?w\ufffd\ufffd=\ufffdw\ufffd\ufffd\ufffd\ufffd\\\ufffd\ufffd\ufffd\\ufffd,\ufffdy\ufffdyx\ufffd<ՐQ{B&\ufffd\ufffdη]\ufffdo4A\ufffd,Mq3\ufffd\u0016 \ufffd\ufffd\u0004\ufffd\ufffd\ufffd\ufffd\ufffd\u0002\u0000\u0000\ufffd\ufffd\u0003\u0000\ufffdj\ufffd\ufffd\ufffd\u0001\u0000\u0000" statusCode=401
logger=context t=2022-03-17T17:47:45.24-0300 lvl=info msg=“Request Completed” method=GET path=/api/datasources/proxy/1243//_mapping status=400 remote_addr=<ip_address> time_ms=41 size=36 referer=http://<server_address>:3000/datasources/edit/0

This is the way we are running datasource

Capture1635×926 39.6 KB

Capture2563×734 27.6 KB

when we configure basic authentication, it works fine!

@rafaelchuvalski thank you for the additional information, that’s helpful to know that this works correctly with basic authentication and it’s just oauth that isn’t working for you.

The github issue below might be interesting to you, our developer has tested that the oauth headers are being passed in 8.4.3. There is a discussion with another user here that is having trouble getting it working:

Hi. Thanks for your reply.

I tried to change the config, but It didn’t work.

Another clue??

@rafaelchuvalski grafana will just pass the oauth token in the request headers. Have you tried using curl with elasticsearch and an oauth token for the user to verify that it authenticates?

Hi, thanks for the guidelines, but we performed the connection tests to elastic.
With version 6.5 of grafana this authentication mode works normally, but when we updated grafana to version 8.3 it presented an error.