What I Want to Achieve
I pasted a Kibana dashboard’s iframe code in my webapp, which works fine. I’m trying to skip the sign-in screen.
What I Tried
Since I already have the user’s credentials in memory, I figured an AJAX call to /api/v1/auth/login before loading the embedded dashboard should set the appropriate cookie and skip the sign-in screen.
The issue is, Kibana will only accept the request if it has a kbn-version header. But if I add a kbn-version header to the AJAX request, the pre-flight OPTIONS request fails with:
“CORS error: Some headers are not allowed”
I have tried adding kbn-version to some Hapi configuration settings such as server.cors.additionalHeaders, server.cors.headers, server.cors.exposedHeaders, and server.cors.additionalExposedHeaders, but none of them seem to work.
This is my custom-kibana.yml file:
$ cat custom-kibana.yml
---
# Default Kibana configuration from kibana-docker.
server.name: kibana
server.host: "0"
server.cors : true
server.cors.origin: ['*']
server.cors.additionalHeaders: ['kbn-xsrf', 'kbn-version']
server.cors.headers: ["accept", "authorization", "content-type", "if-none-match", "origin", "kbn-xsrf", "kbn-version"]
server.cors.exposedHeaders: ["accept", "authorization", "content-type", "if-none-match", "origin", "kbn-xsrf", "kbn-version"]
server.cors.additionalExposedHeaders: ['kbn-xsrf', 'kbn-version']
# server.ssl.enabled: true
# server.ssl.key: kibana.pem
# server.ssl.certificate: kibana-key.pem
elasticsearch.url: https://localhost:9200
elasticsearch.ssl.verificationMode: none
elasticsearch.username: kibanaserver
elasticsearch.password: <pw>
elasticsearch.requestHeadersWhitelist: ["securitytenant","Authorization"]
opendistro_security.multitenancy.enabled: true
opendistro_security.multitenancy.tenants.preferred: ["Private", "Global"]
opendistro_security.readonly_mode.roles: ["kibana_read_only"]
My Question
How do I skip the sign-in screen, either by solving the issue I encountered or in any other way?
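
The "Some headers are not allowed" error in the question is the result of a comparison the browser makes between the request's headers and the preflight response. The following is an added example, not part of the original post and not Kibana or Hapi code, that models that decision for a POST request using the Fetch standard's CORS rules; the origin, the kbn-version value and both sample responses are constructed.

```javascript
// Added example: the browser's CORS preflight decision for a POST request.
const SAFELISTED = new Set(["accept", "accept-language", "content-language"]);
const SIMPLE_TYPES = new Set([
  "application/x-www-form-urlencoded", "multipart/form-data", "text/plain"]);

// Lower-cased names of request headers that are not CORS-safelisted.
function unsafeHeaders(headers) {
  return Object.entries(headers)
    .map(([name, value]) => [name.toLowerCase(), String(value)])
    .filter(([name, value]) => {
      if (SAFELISTED.has(name)) return false;
      if (name !== "content-type") return true;
      return !SIMPLE_TYPES.has(value.split(";")[0].trim().toLowerCase());
    })
    .map(([name]) => name);
}

// req: { origin, credentials, headers }; res: lower-cased preflight response headers.
function checkPreflight(req, res) {
  const reasons = [];
  const allowOrigin = res["access-control-allow-origin"];
  if (req.credentials) {
    // Cookies are only sent and stored when both conditions hold.
    if (allowOrigin !== req.origin) reasons.push("origin not echoed exactly");
    if (res["access-control-allow-credentials"] !== "true")
      reasons.push("Access-Control-Allow-Credentials is not true");
  } else if (allowOrigin !== "*" && allowOrigin !== req.origin) {
    reasons.push("origin not allowed");
  }
  const allowed = (res["access-control-allow-headers"] || "")
    .split(",").map((h) => h.trim().toLowerCase()).filter(Boolean);
  // "*" is a wildcard only for requests without credentials.
  const wildcard = allowed.includes("*") && !req.credentials;
  for (const name of unsafeHeaders(req.headers)) {
    const covered = allowed.includes(name) || (wildcard && name !== "authorization");
    if (!covered) reasons.push(`header not allowed: ${name}`);
  }
  return { ok: reasons.length === 0, reasons };
}

// Constructed inputs: hypothetical origin, placeholder version, sample responses.
const loginRequest = { origin: "https://app.example", credentials: true,
  headers: { "Content-Type": "application/json", "kbn-version": "0.0.0" } };
const wildcardResponse = { "access-control-allow-origin": "*",
  "access-control-allow-headers": "accept, authorization, content-type, origin" };
const explicitResponse = { "access-control-allow-origin": "https://app.example",
  "access-control-allow-credentials": "true",
  "access-control-allow-headers": "content-type, kbn-version, kbn-xsrf" };
console.log(checkPreflight(loginRequest, wildcardResponse), checkPreflight(loginRequest, explicitResponse));
```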