We aim to create a restricted iframe that cannot be exploit it is also public iframe url but is only accessible by specific userIds. We intend to embed this iframe in our app. How can we ensure its privacy? Additionally, we want to prevent anyone from determining the iframe's existence to prevent potential exploitation.
so how do it , if you have any guide then lets know. can we restrict the traffic or get request on public iframe link of dashboard to must contain the userID
There is an excellent post on the Elastic blog on different things you can do to embed Kibana in an iFrame
However, I don't think there's a way to achieve the requirements you mentioned
No way to "hide" you are using an iframe, at the end of the day, they will parse your HTML and offer that to the users (and potentially anyone to inspect it)
No way to log into Kibana using url parameters. You can set up Single Sign On to authenticate your users, though. Details here
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.