Version: SG FLX

Kibana JWT URL Parameter Authentication

The Search Guard Kibana plugin provides you the possibility to authenticate requests to Kibana using a URL parameter in the Kibana request URL.

This is intended for embedding read-only Kibana instances using IFrames in dashboards or similar applications.

If in your setup, the JWT gets transmitted via an HTTP header, check out the Kibana proxy authentication.

Search Guard Backend Setup

In order to use proxy authentication with Kibana, you have to also set up an JWT authenticator in the Search Guard backend configuration sg_authc.yml.

See the JWT authenticator documentation for details.

Kibana Setup

Additionally, you need to edit the file config/kibana.yml in your Kibana installation and add the following lines:

searchguard.auth.jwt_param.enabled: true
searchguard.auth.jwt_param.url_param: auth

This assumes that the URL parameter is called auth. If the JWT gets transmitted with a different URL parameter name, please replace the value accordingly.

Not what you were looking for? Try the search.