I'm developing an application that embeds one of my company's internal Kibana dashboards into an iframe
so that the application's users have restricted access to only a specific dashboard.
I'm using an Nginx reverse proxy to pass a basic authentication header using a hard-coded user to Kibana for automatic authentication as described here:
proxy_set_header Authorization "Basic Y3N..." # base64 of user:pass
However, the browser still prompts me for credentials and none that I try will work:
I click "Cancel" and I get this response from the browser:
{
"statusCode": 401,
"error": "Unauthorized",
"message": "[security_exception] unable to authenticate user [cs_api_user] for REST request [/_xpack/security/_authenticate], with { header={ WWW-Authenticate=\"Basic realm=\\\"security\\\" charset=\\\"UTF-8\\\"\" } }"
}
To eliminate the proxy as the cause, I tried to send a request using curl
, getting the same response:
$ curl -k -H "Authorization: Basic Y3N..." -X GET https://<kbn-ip>:5601
$ curl -k -H "Authorization: Basic Y3N..." -X GET https://<kbn-ip>:5601 -u cs_api_user
Is this an issue on my end or do I need to configure Kibana in some way?