Hi @Sannj,
that is definitely a problematic area of Kibana in combination with X-Pack. Usually we recommend one of two approaches:
- Use a reverse proxy for accessing the dashboards that injects an
Authorizationheader. - Use an ajax request before loading the iframes, which calls the API with the
Authorizationheader to have the cookie set in the browser session.
From your description it sounds like you already tried the second approach. Could you elaborate what you mean by "the browser is not able to use it"?