Security Settings in Kibana

You do not need to configure any additional settings to use X-Pack security in Kibana. It is enabled by default.

General Security Settings

xpack.security.enabled

Set to true (default) to enable X-Pack security.

If set to false in kibana.yml, the user and role management options are hidden in this Kibana instance. If xpack.security.enabled is set to true in elasticsearch.yml, however, you can still use the X-Pack security APIs. To disable X-Pack security entirely, see the Elasticsearch Security Settings.

xpack.security.useDefaultEsCredentials

Set to true (default) to use kibana and changeme for the Elasticsearch credentials in Kibana when elasticsearch.username and elasticsearch.password are not defined in kibana.yml.

If set to false in kibana.yml, Public Key Infrastructure (PKI) certificates are used as the fallback instead. For more information, see PKI User Authentication.