Kibana JWT URL Parameter Authentication
The Search Guard Kibana plugin provides you the possibility to authenticate requests to Kibana using a URL parameter in the Kibana request URL.
This is intended for embedding read-only Kibana instances using IFrames in dashboards or similar applications.
If in your setup, the JWT gets transmitted via an HTTP header, check out the Kibana proxy authentication.
Search Guard Backend Setup
In order to use proxy authentication with Kibana, you have to also set up an JWT authenticator in the Search Guard backend configuration sg_authc.yml
.
See the JWT authenticator documentation for details.
Kibana Setup
Additionally, you need to edit the file config/kibana.yml
in your Kibana installation and add the following lines:
searchguard.auth.jwt_param.enabled: true
searchguard.auth.jwt_param.url_param: auth
This assumes that the URL parameter is called auth
. If the JWT gets transmitted with a different URL parameter name, please replace the value accordingly.
Additional resources