Kibana dashboard to limited anonymous user

Hi
I want my dashboard to be viewable to limited no of users, but I dont want them to get into login page. Can it be done?
I know kibana support anonymous authentication but that will open my dashboard for public which I dont want.

TIA

Hi @sunny2502 ,

Welcome to the community! Which version of Kibana are you using? Are you using the free version or do you have a particular license?

Aside from anonymous authentication you could use techniques like Single Sign-on as covered here but some of these do require a license.

Hi
I am using
8.7.1 ELK its a licensed version

li

SSO will require for the user to provide the credentials when they hit the dashboard.. this is what we want to skip

When you don't have an initial generated token yes. If you make use of SSO already in your organisation this could make sense. I would recommend having a look at the embedded content authentication documentation and the cookie settings to see if that works for you.

Hello, I have the same question, I'm using On-Premise version of free kibana.

I need to share dashboard with my users inside my web application using embed link without forcing users to login,

I read the links in your answer, is there any way that I can otomatically authenticate user with jwt or api key at runtime.

Thank you

Hi @sunny2502 and @MesutTalebi,

I've been having a bit more of a dig through and I did come across these old threads that suggest you can use an API key in the headers by making use of a reverse proxy:

  1. Load kibana dashboard in iframe with API KEY authentication
  2. Auto-authenticating to iframe-embedded Kibana dashboard

Is that an option available to either of you?

Hi Carly, Thank you for answer,

But with these approaches the user will be able to copy link from iframe src tag and paste into browser and login to my kibana instance. I need a way like Public access url, that url is encrypted just for that dashboard and user could not able to use that link for other purposes.

Hi @MesutTalebi,

Yes, that will be possible. For a public access URL you could consider anonymous authentication, which does have some caveats as covered in this thread. There are several authentication mechanisms supported by Kibana, but some such as SAML and token authentication that could be suitable for your use case are subscription features.

1 Like

Hi Carly,

I was able to use anonymous provider to allow user to access kibana wihtout login and show the embedded dashboard in my website. but actually my requirements as follow, and I need to know if it is possible or not:

I have a web application, and I want to publish a dashboard here, but each customer needs to see their own data on the dashboard, so I need to apply a filter on kibana dashboard My requirements are as follows:

1- I need to be able to embed this dashboard on my website (Kibana allows this, and I can achieve it by enabling the Anonymous auth. provider, which allows access without login).

2- When the end-user tries to open the URL in the iframe's src tag in the browser, I should not allow this or If they do access it, they should only see the embedded data, meaning they should not be able to remove the filter and view data of other customers.

3- The end-user should not be able to access Kibana by removing the query string from the URL obtained from the iframe; I need to prevent this in some way.

Can I achieve these requirements with a licensed or unlicensed version of Kibana?

Hi @MesutTalebi,

I'm not sure about preventing access via direct URL if they take it from the iframe (if I've understood that part of your requirement correctly).

Since users should only be able to see their data you might want to consider either using spaces to control access or using document-level security to restrict access to documents based on the user.

One thing I'm thinking is would probably require using authentication over anonymous authentication to ensure you know who the user is and are able to apply the document level entitlements. Can you make use of SAML-based authentication alongside setup of roles?

Hi Carly,

this way I will need to clone dashboard for every one of my customers, and this is not maintainable, I think kibana does not meet my needs even licenced version.

thank you for your answer and help.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.