Anonymous access on iframe but sign in otherwise

I am creating a web app that has kibana iframes embedded that I would like to not require sign in for them. I have read all of the elastic forums and githubs but I still can't figure out how to allow this.

When I use the settings I posted below, the iframe doesn't need auth and neither when I access kibana directly. However, I'm unable to sign in with another user so that I can do admin work.
On the top right, I can click on the user, and it says "Sign In" I press that, it signs me out, and then there's another "Sign In" screen, and upon pressing that, I'm back to the same anonymous user. If I add:

xpack.security.authc.providers:
  basic.basic1:
    order: 1

to elasticsearch.yml, then I have to click on the anonymous sign in to make that work. What am I missing?

elasticsearch.yml

xpack.security.enabled: true
xpack.security.authc:
  anonymous:
    username: anonymous_user
    roles: public
    authz_exception: false

kibana.yml

xpack.security.enabled: true
xpack.security.authc.providers:
  anonymous.anonymous1:
    order: 1
    credentials:
      username: "user"
      password: "pw"

Hi @seanziee ,

You Kibana authentication configuration should look like this:

xpack.security.authc.providers:
  basic.basic1:
    order: 1
  anonymous.anonymous1:
    order: 2
    credentials:
      username: "user"
      password: "pw"

With this configuration you don't need to enable anonymous access in elasticsearch.yml (it's even discouraged if you don't need it). The only thing you're missing is the auth_provider_hint=anonymous1 query string parameter in your iframe URL, read more about here. In 7.11 you need to add this parameter manually, but since Kibana 7.12 there will be a UI toggle for that instead.

Best,
Oleg

Oh ok thanks! I thought that the key for the hint was going to be the username, not anonumous1. It works now, thanks!

I'll remove the elasticsearch anon!