403: forbidden error when trying to log in using 'kibana' buitin user

Hi,

Kibana and Elasticsearch version: 7.3.1

I can login to kibana using 'elastic' buitin user but trying to login to kibana using 'kibana' buitin creds gives 403:

{"statusCode":403,"error":"Forbidden","message":"Forbidden"}

nothing in elasticsearch logs and the same 403 error in kibana logs.

Is it that 'kibana' buitin user cannot be used to login to kibana?

Thanks!

Did you set the password for the kibana user? Instructions are here: https://www.elastic.co/guide/en/elasticsearch/reference/current/configuring-security.html

Yes. I did that. And i have same credentials in kibana config file (which is working fine).

I have set that password through API.

Why can't i use those creds to login to Kibana UI?

Based on your description I'm surprised there is an issue. It seems like it would be be worth trying to change the password again. The docs describe some of the limitations of built-in users here: https://www.elastic.co/guide/en/elasticsearch/reference/current/built-in-users.html

Also, does your built-in Kibana user have the right privileges? When I run GET _security/user/kibana I get:

{
  "kibana" : {
    "username" : "kibana",
    "roles" : [
      "kibana_user",
      "kibana_system",
      "transport_client"
    ],
    "full_name" : "",
    "email" : "",
    "metadata" : { },
    "enabled" : true
  }
}

Yes, that is exactly the case.

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.