I came across this comment in the GitHub page regarding multiple redirects...
Usually what causes this is having multiple cookies for the same "domain" and "name", but with different values for "path". If you open the developer tools in Chrome, then click on the Application tab, then expand the Cookies section, and click on the domain, do you have multiple cookies with the name "sid"? If so, you can fix this issue by clearing all of them.
- I am sending a pre flight authentication request (AJAX) to obtain a cookie to the
/api/security/v1/loginendpoint - On receipt of the cookie, I then send Set-Cookie header back to client with the kibana cookie. (I have changed the name from sid to kibana)
- The cookie is set correctly on the client, however, when you iFrame a kibana page in (such as dashboards), you see it load in (so cookie auth looks like it's working), then does multiple redirects to https://DOMAIN:5601/login?next=%2Fs%2FSPACE%2Fapp%2Fkibana
- I then see 'Too Many Redirects' error.
- Any ideas as to a solution?
Thanks 
Kibana Version: 6.5.4