How to intercept all http request from kibana frontend going to backend through plugin?

I want to intercept all http request from kibana and add jwtHeader in each of them. I tried writing a plugin in which I'm using $httpProvider.interceptors to intercept and add headers.

uiModules
.get('kibana', ['angular-jwt'])
.config(['$httpProvider', 'jwtOptionsProvider', function Authenticate($httpProvider, jwtOptionsProvider) {
  var refreshPromise;

  jwtOptionsProvider.config({
    tokenGetter: ['$q', '$timeout', 'jwtHelper', function ($q, $timeout, jwtHelper) {
      // setting authentication header
  });

  $httpProvider.defaults.withCredentials = true;
  $httpProvider.interceptors.push('jwtInterceptor');
}]);

But this seems to be called only when I go to this plugin page and also this interception only works on this plugin page only. If I go back to suppose Discover page then interceptor doesn't add any headers.

So how can I intercept all request going from kibana so I can add authentication headers? I've seen #19060 but is it possible to do in kibana v6.3.2?

Kibana is moving away from angular and $http. In the future, all http requests will be made with kfetch, Kibana's wrapper around fetch (added in 6.4). Interceptor support has just been added to kfetch and will appear in 6.5 - https://github.com/elastic/kibana/commit/1daa265ff82b58e54e658b8f5834aa5fe1701a9e

Here is an example of how to add intercepters to the existing $http. https://github.com/elastic/kibana/blob/master/x-pack/plugins/xpack_main/public/hacks/check_xpack_info_change.js#L90.

If you are looking to add authentication to Kibana, Elastic's commercial features offer authentication. Starting in 6.3, the commercial features are even included in the default distribution so trying them out is just a one button process - under Management -> License Management, click start trial.

Thanks, that resolved the issue

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.