If I understand correctly, What you want to accomplish is enable the ability for a user to anonymous login to view Kibana dashboards etc. That is supported in Elastic Cloud, what is not supported is underlying anonymous access to elasticsearch. That is where the confusion lay.
So this is how you do it.
Reference Here.. and there is even a little video on it here . Note the docs link to 7.11 so make sure you use the latest.
First create the user and role as you would via Kibana.
Then add the setting to the kibana.yml
xpack.security.authc.providers:
basic.basic1: <!-- This is the normal login
order: 0
anonymous.anonymous1: <!-- This is the anonymous login
order: 1
credentials:
username: "test"
password: "askldjfhaslkdjf1654"
Hi there. We had the same issue as Caitlyn. So If I want to share a dashboard with iframe code added in a web server or, as in our case, in Microsoft sharepoint page we won't be able to do it without an account and without going through the anonymous/guest user in Elastic Cloud?
So that is a slightly different area where I am not as much as an expert , but yes if you want to provide content anonymously / without login yes you would need to set up the anonymous login.
thanks @azasypkin.
That's what I d like to do. Embed the anonymous user in the iframe code so any one with the link can see the dashboard even without going through the login selector.
But in order to do so I need to follow this page
Yeah, but any reason you don't want to use username/password based credentials? "elasticsearch_anonymous_user" credentials also requires you to enable anonymous access in Elasticsearch, not sure if you really want that.
That's what I am looking for.
I need multiple people internally in our company to look at dashboards through an internal sharepoint page without login/account?
So in that case do I need to modify the elastic and kibana yml file?
We have elastic cloud 7.12 and I think Stephen Brown said we can't change the setting in the elastic part of it? is that correct?
In short, the steps explained by Stephen in Anonymous Kibana Users - #9 by stephenb is what you need to cover this use case. Only changes in Kibana configuration are needed, no need to modify Elasticsearch config. Don't be be confused by the Login Selector part, if you use iframe code for the dashboard to embed into your Sharepoint page as explained here, your users won't see login selector, iframe will load required dashboards directly.
I'd encourage you to go through all the links we've shared in this thread to get a better understanding of how anonymous access is configured exactly. You seem to be confused by the fact that there are two distinct features Elasticsearch anonymous access and Kibana anonymous access. You may want to use Elasticsearch anonymous access if, for example, you want to query Elasticsearch directly (without Kibana) without providing any sort of credentials. It's enabled by default in Cloud (you cannot change that), but it's required that you create an anonymous role to make it work first. If I understand your use case correctly you don't need this at all, so I won't go into details here.
As explained in the links above, Kibana anonymous access can leverage Elasticsearch anonymous access internally (credentials - "elasticsearch_anonymous_user" ), but it's not required. The easiest way is to just a create a user that will be used as anonymous service account and use username/password credentials as Stephen has already suggested.
Irrespective to the type of credentials you use, when you embed Kibana dashboards or visualizations with toggled Public URL switch, Login Selector won't be shown to your users as this switch tells Kibana to use anonymous access if it's enabled.
Let me know if there is anything that's still unclear, happy to clarify.
thanks Oleg. I was able to implement the anonymous user on Kibana. However if at one end I can public the url without login, now I have the anonymous selector on the kibana page which I don't want cause if someone clicks on it it will go on the dashboard/space everybody can access the same page/kibana space.
This is unless I can use multiple anonymous users!
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.