Hi, we are working with elastic search and kibana.
We have them on different servers. We need to embed the kibana dashboard in an iframe in our react page.
We are trying to auto-login by making an API call (
/api/security/v1/login) to the kibana server but then we are getting this issue:
Fetch API cannot load http://10.33.178.146:5601/api/security/v1/login. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
We have set:
http.cors.allow-origin: "/.*/" http.cors.allow-credentials: true``` in elasticsearch.yml and also: ```server.cors: true server.cors.origin: "/.*/"``` in kibana.yml and we are still getting the same error when we run the code on our localhost. We also tried `http.cors.allow-origin: "*"` and `server.cors.origin: "*"` and it didn't work. :( Is there something we are missing? These are the headers we are setting when we make the HTTP POST call: ```"Content-Type": "multipart/form-data", "Content-Length": Buffer.byteLength(body), "kbn-version": "5.5.0"``` P.S: It works fine with postman.