Kibana anonymous authentication error

I tried to set anonymous authentication on kibana ver 7.8 following these instructions:

But when I insert in my kibana.yml: authc.providers:


order: 0


order: 1


username: "anonymous_service_account"

password: "anonymous_service_account_password"

I get this error:

98]: {"type":"log","@timestamp":"2020-12-17T13:15:13Z","tags":["fatal","root"],"pid":27198,"message":"{ Error: [config val

Dec 17 14:15:13 ctaqvwragrw02 kibana[27198]: FATAL Error: [config validation of [].authc.providers]: types that failed validation:

Dec 17 14:15:13 ctaqvwragrw02 kibana[27198]: - [config validation of [].authc.providers.0]: expected value of type [array] but got [Object]

Dec 17 14:15:13 ctaqvwragrw02 kibana[27198]: - [config validation of [].authc.providers.1.anonymous]: definition for this key is missing

If I leave only the basic proveder without the anonymous one it works.
Could you please help me?

Thank you


At the top of the page you linked to it says:

You are looking at preliminary documentation for a future release. Not what you want? See the current release documentation.

Since you are using Kibana 7.8, you want the documentation for Kibana 7.8 which is:

That version does not support anonymous authentication - in fact no released version of Kibana does, it is a feature that we expect to support in an upcoming Kibana release.

Thank you Tim, I was so focused on the problem that I didn't note it was an upcoming feature.
My problem is that I have a web application and I call kibana dashboards via iframe

<iframe src="https://mydomain/kibana/app/kibana#/dashboard/XXXX".

To avoid re-login I use an apache reverse proxy and it works:
<LocationMatch "/kibana">

ProxyPass http://myKibanaIp:5601

ProxyPassReverse http://myKibanaIp:5601

Header add Authorization "Basic myBase64Credentials"

RequestHeader set Authorization "Basic myBase64Credentials"

but if a user goes directly to https://mydomain/kibana he is automatically logged in so he can visualise the dashboards. I would like to have logged in users only if they access via iframe as the anonymous authentication feature would do. Is there any solution or I have to wait the upcoming anonymous authentication feature?

Thank you

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.