As described in Kibana stuck in login loop, Google Chrome will no longer store non-secure cookies as of Release 84, which results in an authentication loop if Kibana is embedded in an iframe on an HTTP website. Per @majagrubic, the solution is to utilize HTTPS as well as modify kibana.yml by adding
xpack.security.sameSiteCookies=None (on versions 7.8.1+).
While this resolved my issue on the desktop version of Chrome, I'm now seeing the issue on iPhone devices despite using HTTPS. The screen goes back and forth between "Welcome to Elastic / Authenticating..." and "Loading Elastic". I've also tried "View Desktop Site" on mobile with no luck. I'm testing with Chrome 92.0.4515.90 on iOS and Firefox Daylight 35.0 (5448) on iOS. I'm using Elastic Cloud version 7.14.
Of note, I've enabled Kibana's anonymous authentication access (using an API Key). My use case is to display a public, read-only Kibana dashboard on an external website. To re-iterate, this set-up works perfectly on desktop browsers, but not on mobile browsers for some reason.
Update: It appears to work on Android-based browsers. Perhaps this is related to the Safari iframe issue? Safari by default discards cookies set in an iframe unless the host that's serving the iframe has set a cookie before, outside the iframe. Is iOS requiring the same of any third-party browsers installed on iPhone?