I have a webapp in Java which supports OAuth authentication and authorization. I want to use the same authentication mechanism in Elasticsearch. To achieve this, I used some custom headers such as Tenant and AccessToken and tested it and ES + Kibana worked well. The testing was done via modheader plugin in Chrome wherein I was passing the headers and tested the same. However now I want to integrate with my java webapp so that I can redirect from the webapp to Kibana passing the headers. Howevers this is not possible as suggested here Redirection with custom headers . To do the same, is it possible to use request or query params for authentication in the custom realm instead of request headers ?