Auto authenticating kibana iframe without logging in again from external web application

Hello Team,

I have embedded a dashboard into my external web application and able to see the dashboard (1 user). But, Kibana is asking me to enter the credentials every-time manually. I shouldn't enter the Kibana credentials once I log-in to my application. Is there any way I can configure my credentials in Kibana.YAML file or in the Nginx settings.

FYI: My web application, Kibana, and elastic-search have been deployed in Kubernetes cluster.

I am referring to the following post.
Auto-authenticating to iframe-embedded Kibana dashboard

But, I have a few questions here...

  1. My application, Kibana, and elastic search should be on the same domain (Meaning: Web application, Kibana, and elastic search should run on the same domain with different port numbers (https://www.abc.net:8080, 5601 and 9200) or can be in different domains ( my app in one domain, Kibana, and ES in another domain) .

If yes, can u please make any changes in my basic Nginx.conf

server {
listen 80;
listen [::]:80;
root /usr/share/nginx/html;
server_name www.dev-env.net
index index.html index.htm;
location / {
try_files $uri $uri/ /index.html?/$request_uri;
}
}

Thanks in Advance!
Vishal Macha

Hey @vishal_M, you'll want to use the proxy_set_header directive to pass the Authorization header with a Basic scheme.

You'll first have to figure out the credentials to put in the Authorization headers. The following is how you'd do so on a variety of platforms. You'll have to substitute elastic for the actual and changeme for the actual password.

Ubuntu 16.04 and macOS

echo -n "elastic:changeme" | base64

Node

Buffer.from('elastic:changeme').toString('base64')

NGINX Configuration (replace ZWxhc3RpYzpjaGFuZ2VtZQ== with the output of the previous command)

server {
    listen 80;
    server_name localhost;

    location / {
        proxy_set_header Authorization "Basic ZWxhc3RpYzpjaGFuZ2VtZQ==";
        proxy_pass http://localhost:5601/;
    }
}

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.