Kibana iframes


I've setup Elastic/Kibana with basic authentication using x-pack. I understand that I can set up a reverse proxy using Nginx and specify a base 64 encoded username/password to the header to authenticate and use the iframe via the reverse proxy from within my web application.

However, Is there a way to pass in a specific username/password retrieved from my application login and pass it to the proxy so that Kibana will display the iframe with permissions set for that specific user ?

Here are the relevant docs for customizing HTTP authentication in Kibana: Authentication in Kibana | Kibana Guide [7.14] | Elastic

If you have the Basic authentication provider enabled in Kibana (it is enabled default if you are running Elasticsearch with Security enabled), you can pass in any valid base64-encoded username:password combination in the HTTP Authorization header. That's simply called Basic HTTP Authentication.

You could customize your proxy to handle this; I'm not sure of the specifics of how to do it in Nginx though, and that would involve exposing something like a cookie to your proxy. Alternatively you could make your own application-layer proxy to do this for you.

If your license permits and you have the infrastructure in place, you would be better off using some form of single sign-on such as SAML or OIDC.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.