This is an older version of Search Guard. Switch to Latest version
Kibana in iframe
Web browsers changed the default behavior for cookies so that:
- Cookies without a
SameSiteattribute are treated as
- Cookies for cross-site usage must specify
SameSite=None; Secureto include third party content.
It means that Kibana can’t be accessed via an iframe on a third party web site by default. The cookies at the Kibana side must be configured to add
SameSite=None; Secure attributes.
searchguard: cookie: secure: true isSameSite: None