b2a2aff75e
Co-authored-by: Kaarina Tungseth <kaarina.tungseth@elastic.co> Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com>
27 lines
1.4 KiB
Text
27 lines
1.4 KiB
Text
[role="xpack"]
|
|
[[xpack-security-access-agreement]]
|
|
=== Access agreement
|
|
|
|
Some work environments require you to acknowledge and accept an agreement before you can access {kib}, which can contain sensitive information. The agreement text supports Markdown format and can be specified using the `xpack.security.authc.providers.<provider-type>.<provider-name>.accessAgreement.message` setting.
|
|
|
|
[NOTE]
|
|
============================================================================
|
|
You need to acknowledge the access agreement only once per session, and {kib} reports the acknowledgement in the audit logs.
|
|
============================================================================
|
|
|
|
Here is how your `kibana.yml` can look like if you define an access agreement:
|
|
|
|
[source,yaml]
|
|
--------------------------------------------------------------------------------
|
|
xpack.security.authc.providers:
|
|
basic.basic1:
|
|
order: 0
|
|
accessAgreement:
|
|
message: "**You are accessing a system with a sensitive information** \n\n
|
|
By logging in, you acknowledge that (shortened ...)"
|
|
--------------------------------------------------------------------------------
|
|
|
|
When you authenticate using `basic.basic1`, you'll see the following agreement that you must acknowledge before you can access {kib}:
|
|
|
|
[role="screenshot"]
|
|
image::user/security/images/access-agreement.png["Access Agreement UI"]
|