I'm trying to embed an iframe in a page of mine and I was getting CORS errors while doing a login request on /api/security/login so that the user doesn't have to log in multiple times. I think I worked through most of them, however the preflight options request gets a 404 response with a message "It does not have HTTP ok status."
This message is pretty cryptic to me so I'm assuming that maybe /api/security/login was changed somehow? The 404 tells me it can't find something...
JavaScript
const headerObj = {};
headerObj['kbn-xsrf'] = 'true';
headerObj['Content-Type'] = 'application/json'
axios.post(`http://redacted:5601/api/security/login`, {username: 'redacted', password: 'redacted'},
{headers: headerObj}).then((res) => {
})
kibana.ini
kibana.yml: |-
server.name: kibana
server.host: "0.0.0.0"
elasticsearch.hosts: [ "https://elasticsearch:9200" ]
elasticsearch.username: kibana
elasticsearch.password: redacted
elasticsearch.ssl.verificationMode: none
server.cors.enabled: true
server.cors.allowCredentials: true
server.cors.allowOrigin: ["http://localhost:3000"]
server.customResponseHeaders: {"Access-Control-Allow-Origin": "http://localhost:3000", "Access-Control-Allow-Credentials": "true" }