Anonymous user creates patterns in Global tenant only

Hi everyone,

We have configured our Kibana to use Okta authentication and the MFA enforcement is on.
This prevents me from running my python scripts that takes the list of all indices and creates tenants per each indice.

User-Agent': 'python-requests/2.25.1', 'Accept-Encoding': 'gzip, deflate', 'Accept': '*/*', 'Connection': 'keep-alive', 'kbn-xsrf': 'true', 'securitytenant': 'tenant-116a30c1-67da-4f01-b736-0c4dd9af825b', 'Cookie': 'security_authentication=Fe26.2**b4f0a09e7716881c8fa45d62c0b0fcc26d461be1f16ae4ed9657cf339ead0aac*u1vwGaA9a6x8ac5cSIeGkg*OOZtnOS1gW1h6N_jTOmoKfNxvF796k861aFqTEpahO0Wr0VODlWyUiu24T9xMBRHE89rhFuczz3xOz8viQp8tk3SeOeKtuqxSq6BFAU2jxySZuJNNZ_dnh2cIeSxYoJi-pZP1OjL7Qhh1oz1GeL8s0RAQsAvI_zQ08iVB-y96DUMCVpD01JS1csQfUw32Ye5pX0AAZ_IghtKc7bp-avvcfCVfWkJqlurXmwO-_Sm5zoeQpeb9vx_N2Q8daZPVhGP**1b26ce6b89f77ea713c8f9c70afbe63f034e23a62aca000501356b6054312cab*sfC_rog6ycPM3OSUhigrF5J5FVTh-HRxR7MWbkLk_hY', 'Content-Length': '103', 'Content-Type': 'application/json', 'Authorization': 'Basic ZWJpcml1a292Ok5Yck5wLVEzX3kyLkpC'}

From the above you can see that the “securitytenant” header is passed on but all of the patterns are still going into the Global tenant.

Please note that without MFA with a valid user in Okta, the script works as expected.

Any help here? Would really appreciate it since it is blocking us from production.

I’m suffering the same problem, when I use the anonymous user, I always see the Global tenant despite I change to another one.

Before I switch to a new tenant, the ‘Global’ one appears.

Change to a previous created one (public):

After that the tenant is still ‘Global’.

Any advances about this problem?