Authentication in Kibana

Hey @Francisca_Lima, Kibana's CORS policy will prevent you from posting the user's credentials to the login endpoint.

The best option is to do SSO using SAML. The ES docs for getting started using SAML are really good: https://www.elastic.co/guide/en/elasticsearch/reference/current/configuring-saml-realm.html

The other option, which has it's limitations, is to use a reverse-proxy like NGINX to hard-code the credentials that are passed to Elasticsearch. This isn't great because anyone who can access the reverse proxy can automatically get access to Kibana, so it's really only good for providing the equivalent of "anonymous access".

There is one other option at the moment, and that's to use something like an OAuth2 proxy to do impersonation: https://www.elastic.co/blog/user-impersonation-with-x-pack-integrating-third-party-auth-with-kibana

We're working on additional auth providers for ES/Kibana, so if none of this satisfies your needs, please let me know and I can direct you towards our feature requests which helps us prioritize the addition of these providers.

1 Like