Hi all,
I'm using the latest cloud.
I'd like to serve Kibana dashboards to my clients.
Is there a way to disable the login form?
Auto-Login via the URL?
I'm willing to proxy the dashboard - will that work?
What good is embedding an iframe if the user needs to log in?
Hi @Tal_Weiss,
In 5.0, you can disable the security plugin by adding the following to your elasticsearch.yml and kibana.yml config files.
xpack.security.enabled: false
That will disable the login screen.
See also https://www.elastic.co/guide/en/x-pack/current/security-settings.html.
Thanks for the reply!
I actually want the security provided - I need document level security so that each of our clients would only be able to see their own data. I just want them to be able to login once to our servers, and see their dashboard in an iframe without having to login again. If we could do regular username:password authentication in the URL (+https) this would solve the problem. But adding the username and password to the URL does not work.
Also - how can I disable "the security plugin formerly called shield" in the Elastic Cloud?
I'm not sure I have full access to elasticsearch.yml and kibana.yml
hi Tal,
I see you are continuining discussion here: 
https://discuss.elastic.co/t/how-do-i-disable-shield-auto-login/65390?source_topic_id=65231
As to your question here, that's not possible right now with Kibana/X-plugins. Kibana's security model doesn't have that granularity.
Could you create a new feature request in Kibana - https://github.com/elastic/kibana/issues/new - that describes your use-case? This will help us track & prioritize this request.
Got it - thanks for the reply!
I indeed tried to split the question into 2: cloud hosted vs. self hosted. I'm guessing cloud hosting is not for us until this feature is available (and some other Kibana features that will enable us to deliver dashboards to our end users). I'll gather my thoughts and fill in a feature request.
Thanks again!
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.