I am trying to embed Kibana (with XPACK) enabled in a custom app.
Logically it would work as follows
The user is authenticated in the custom app and then a call is made to Kibana (with authentication headers) based on his role. The list of Visuals and Dashboards is displayed and the user is able to see them.
I am having a hard time with the auth enabled. If I call the dashboard directly, I am able to authenticate but then it needs several libraries to render the UI and it fails.
If I do a iFrame, setting the Auth on it is very insecure. Whats the best way to accomplish this?
@Larry_Gregory/ @Brandon_Kobel so far we have been doing it with iFrames. I am not sure if I understand why this is insecure? Can we please get some help?
The best way to accomplish this is via reverse-proxy. Instead of having an iframe with hard-coded credentials, the iframe can point to a reverse proxy that you control. The proxy then has logic to add the auth headers, as required.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.