In this guide here...
https://www.elastic.co/guide/en/kibana/7.x/kibana-authentication.html#token-authentication
It says I can authenticate via a token.
I now have said token and am ready to use it, but where can I?
We previously used a guest user on the /api/security/v1/login endpoint.
The goal here is to simply iframe kibana dashboards in a UI, but we do not have the ability to use SAML at this time.
You won't be able to supply the token directly in the URL of an iframe. However, you can use a reverse-proxy, which the iframe directs it's traffic through, to specify a request header which contains the token:
The bearer tokens returned by Elasticsearch’s get token API can be used directly with Kibana using the
Authorizationrequest header with theBearerscheme.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.