Kibana Authentication from an an external application

Hi Team,

I have a requirement of integrating the Kibana dashboard into my react application. The dashboard may contain multiple charts(Pie, Time series, etc). And, the application will be used by many users. So, the data in each chart should display as per the user.

Here are the steps that i have followed.

  1. created two pie charts as per user with a sample data set and added them into a single dashboard.
  2. integrated the dashboard using an iframe into my react application.

Need guidance on next steps:
When I am accessing Kibana from my web application. It is redirecting to the Kibana login page.

Please, Can someone assist me in passing the basic auth token to Kibana from my application / calling any login API's which gives the authentication token and some sort of session cookies (at the time of redirecting to Kibana)?

Note: I will have to pass the same credentials / same token to Kibana for logging in. Bcoz I am storing all user's data within a single index.

Thanks in advance.
Vishal M

Typically users do pass the token or auth headers via a reverse proxy. Would that work in your case?

Hello @Marius_Dragomir,

I tried a few elastic search Api's

  1. ":9200/_security/oauth2/token" https://www.elastic.co/guide/en/elasticsearch/reference/7.4/security-api-get-token.html which gives access token and refresh token. But, no idea on how to leverage the tokens while loading the dashboard iframe -- meaning, i can store the access token and refresh token in my browser and while loading the iframe, how does it know whether to use the particular access token as a medium.

  2. Another API ":5601/api/security/v1/login" which gives ['set-cookie'] as a response headers. I am able to print the response headers in my browser console window except for the ['set-cookie'] SID value. Not sure how to grab this particular cookie and store it in my browser session.

If the above approaches that I am following is not advisable. Please provide me the steps to pass auth tokens via reverse proxy as you discussed above. Please let me know the right path to achieve this.

Hello @Marius_Dragomir ,

Please can you POST your response.

Thanks,
Vishal