Kibana in Custom App

adwaitjoshi · October 29, 2018, 1:41pm

I am trying to embed Kibana (with XPACK) enabled in a custom app.

Logically it would work as follows

The user is authenticated in the custom app and then a call is made to Kibana (with authentication headers) based on his role. The list of Visuals and Dashboards is displayed and the user is able to see them.

I am having a hard time with the auth enabled. If I call the dashboard directly, I am able to authenticate but then it needs several libraries to render the UI and it fails.

If I do a iFrame, setting the Auth on it is very insecure. Whats the best way to accomplish this?

bhavyarm · October 29, 2018, 1:57pm

@Larry_Gregory/ @Brandon_Kobel so far we have been doing it with iFrames. I am not sure if I understand why this is insecure? Can we please get some help?

Thanks,
Bhavya

Larry_Gregory · October 29, 2018, 2:00pm

The best way to accomplish this is via reverse-proxy. Instead of having an iframe with hard-coded credentials, the iframe can point to a reverse proxy that you control. The proxy then has logic to add the auth headers, as required.

Here's an example setup for nginx that you can use as a starting point: Auto-authenticating to iframe-embedded Kibana dashboard

Topic		Replies	Views
Embed Kibana in Custom App Kibana	4	542	September 2, 2019
Kibana authentication for iframe containing custom data Kibana	2	601	November 19, 2020
Embedding Kibana dashboard iframe with authentication Kibana	2	2835	September 22, 2022
Auto-authenticate Kibana 5.0 dashboard embedded in iframe Kibana	3	1553	January 6, 2017
Kibana embedded authentication Kibana	3	461	August 11, 2020

Kibana in Custom App

Related topics