# Creating Users in OpenSearch for ElastiFlow

This guide describes how to create internal users and roles in OpenSearch that can read and search ElastiFlow data without full administrative privileges.

***

### Create an Internal User

1. Log in as the admin user and navigate to **Security → Internal Users**.
2. Click **Create User**.
3. Fill out the form:
   * Username
   * Password (and confirmation)
4. Click **Create** to save the user.

***

### Create a Role

1. Go to **Security → Roles** and click **Create role**.
2. Name the role, e.g. `elastiflow-readonly`.
3. In the **Cluster Permissions** section, add:
   * `cluster_composite_ops_ro`
4. In **Index Permissions**, use these patterns:
   * `elastiflow-*`
   * `.kibana*`
5. And apply the following permissions:
   * `read`
   * `search`
6. In the **Tenant Permissions** section:
   * Select `global_tenant`
   * Set to **Read only access**
7. Click **Create** to save the role.

***

### Map the User to the Role

1. From the `elastiflow-readonly` role page, open the **Mapped users** tab.
2. Click **Manage mapping**.
3. Select the newly created user.
4. Click **Map**.

***

### Test the New User

* Open a private browser window.
* Log in with the new user.
* Select the **Global** tenant when prompted (ElastiFlow dashboards are stored here).

***

### External Authentication Mapping (Optional)

If you're using an external provider (SAML, LDAP, RADIUS), map the backend role sent by the IdP to this internal role:

* Go to **Roles → `elastiflow-readonly` → Mapped backend roles**
* Add the backend role (e.g. `elastiflow-readonly`) sent by your IdP

***

Users will now be able to access ElastiFlow Dashboards and data with the appropriate read-only permissions.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.elastiflow.com/additional-resources-reference-articles/guides/elastiflow-opensearch-user-guide.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.