Hi, I’m authenticating to searchguard using JWT. Now, when I hit a URL like
Then it actually works, and I seem to be properly authenticated to Kibana. Yay!
However, when I try to embed a dashboard as an iFrame in my site, I also add the jwtparam field to my request, however, the request now takes the following shape:
And this tells me that my token is invalid! Boo.
So basically, my jwt token is refused when sent as a parameter to the dashboard. Is this expected behaviour? Is there some kind of workaround? I’m simply trying to embed a dashboard in my site without triggering an obvious sign-on process. Seems like embedding the token in the iFrame’s URL is the way, but I could stick it in the Auth header - or is there something I’m missing?
I should add:
Help with this would be greatly appreciated!