Hi, I embed the dashboard iframe to a custom web page, but I am afraid that the url is eavesdroping if some people with bad intentions get the url directly. But I don't want users key in the password every time when the person login to the custom web page.How can I do?
Is there specific information that you're not wanting to disclose via the URL that you're using with the iframe?
I have installed x-pack, and I found that every time I log in I need to retype account and password.
I think it's a little inconvenient for users.
We store the login information in a cookie that by default doesn't timeout but it is tied to the browser's session storage, so if you close down the browser and re-open it then you'll have to log back in. Do you have
xpack.security.sessionTimeout set in your Kibana.yml?