Elastic Cloud/Kibana Embed Authentication

Hi @Donnie_Kerr Welcome to the community!

I think I answered most of this here If I understand what you're trying to do.

You will create a role that represents the access that you want and assign that to the user that you use for the anonymous user

You can also take out the other normal basic and elastic cloud SSO logins

xpack.security.authc.providers:
  basic.basic1:   <!--- TAKE out this if you don't want normal login
    order: 0    <!--- TAKE out this if you don't want normal login
  anonymous.anonymous1:
    order: 1
    credentials:
      username: "dashboard-user"
      password: "dashboard1234!"

Kibana Available Settings in Elastic Cloud here

to disable the Cloud Kibana SSO
In your kibana.yml setting on the edit deployment page
This is kinda a hidden / inferred setting
xpack.security.authc.providers.saml.cloud-saml-kibana.showInSelector: false

If you don’t want a specific provider to show up at the Login Selector UI (e.g. to only support third-party initiated login) you can hide it with showInSelector setting set to false. However, in this case, the provider is presented in the provider chain and may be consulted during authentication based on its order. To disable the provider, use the enabled setting.

1 Like