Hi @Donnie_Kerr Welcome to the community!
I think I answered most of this here If I understand what you're trying to do.
You will create a role that represents the access that you want and assign that to the user that you use for the anonymous user
You can also take out the other normal basic and elastic cloud SSO logins
xpack.security.authc.providers:
basic.basic1: <!--- TAKE out this if you don't want normal login
order: 0 <!--- TAKE out this if you don't want normal login
anonymous.anonymous1:
order: 1
credentials:
username: "dashboard-user"
password: "dashboard1234!"
Kibana Available Settings in Elastic Cloud here
to disable the Cloud Kibana SSO
In your kibana.yml setting on the edit deployment page
This is kinda a hidden / inferred setting
xpack.security.authc.providers.saml.cloud-saml-kibana.showInSelector: false
If you don’t want a specific provider to show up at the Login Selector UI (e.g. to only support third-party initiated login) you can hide it with
showInSelectorsetting set tofalse. However, in this case, the provider is presented in the provider chain and may be consulted during authentication based on itsorder. To disable the provider, use theenabledsetting.