Kibana without the login form


(Tal Weiss) #1

Hi all,

I'm using the latest cloud.
I'd like to serve Kibana dashboards to my clients.

Is there a way to disable the login form?
Auto-Login via the URL?
I'm willing to proxy the dashboard - will that work?
What good is embedding an iframe if the user needs to log in?


Disable login in Kibana 5.3
(Thomas Neirynck) #2

Hi @Tal_Weiss,

In 5.0, you can disable the security plugin by adding the following to your elasticsearch.yml and kibana.yml config files.

xpack.security.enabled: false

That will disable the login screen.

See also https://www.elastic.co/guide/en/x-pack/current/security-settings.html.


(Tal Weiss) #3

Thanks for the reply!
I actually want the security provided - I need document level security so that each of our clients would only be able to see their own data. I just want them to be able to login once to our servers, and see their dashboard in an iframe without having to login again. If we could do regular username:password authentication in the URL (+https) this would solve the problem. But adding the username and password to the URL does not work.


(Tal Weiss) #4

Also - how can I disable "the security plugin formerly called shield" in the Elastic Cloud?
I'm not sure I have full access to elasticsearch.yml and kibana.yml


(Thomas Neirynck) #5

hi Tal,

I see you are continuining discussion here: :slight_smile:
https://discuss.elastic.co/t/how-do-i-disable-shield-auto-login/65390?source_topic_id=65231

As to your question here, that's not possible right now with Kibana/X-plugins. Kibana's security model doesn't have that granularity.

Could you create a new feature request in Kibana - https://github.com/elastic/kibana/issues/new - that describes your use-case? This will help us track & prioritize this request.


(Tal Weiss) #6

Got it - thanks for the reply!
I indeed tried to split the question into 2: cloud hosted vs. self hosted. I'm guessing cloud hosting is not for us until this feature is available (and some other Kibana features that will enable us to deliver dashboards to our end users). I'll gather my thoughts and fill in a feature request.
Thanks again!


(system) #7

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.