RetroSearch Browse

Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-create-api-key below:

Create an API key | Elasticsearch API documentation

Query parameters

If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes.

Values are true, false, or wait_for.

application/json Body Required

A duration. Units can be nanos, micros, ms (milliseconds), s (seconds), m (minutes), h (hours) and d (days). Also accepts "0" without a unit and "-1" to indicate an unspecified value.
An array of role descriptors for this API key. When it is not specified or it is an empty array, the API key will have a point in time snapshot of permissions of the authenticated user. If you supply role descriptors, the resultant permissions are an intersection of API keys permissions and the authenticated user's permissions thereby limiting the access scope for API keys. The structure of role descriptor is the same as the request for the create role API. For more details, refer to the create or update roles API.

NOTE: Due to the way in which this permission intersection is calculated, it is not possible to create an API key that is a child of another API key, unless the derived key is created without any privileges. In this case, you must explicitly specify a role descriptor with no privileges. The derived API key can be used for authentication; it will not have authority to call Elasticsearch APIs.
External documentation Hide role_descriptors attribute Show role_descriptors attribute object
- * object Additional properties Hide * attributes Show * attributes object
  - A list of cluster privileges. These privileges define the cluster level actions that API keys are able to execute.
  - A list of indices permissions entries.
    Hide indices attributes Show indices attributes object
    - Hide field_security attributes Show field_security attributes object
      - except string | array[string]
      - grant string | array[string]
    - names string | array[string] Required
      A list of indices (or index name patterns) to which the permissions in this entry apply.
    - privileges array[string] Required
      The index level privileges that owners of the role have on the specified indices.
    - query string | object
      While creating or updating a role you can provide either a JSON structure or a string to the API. However, the response provided by Elasticsearch will only be string with a json-as-text content.
      
      Since this is embedded in IndicesPrivileges, the same structure is used for clarity in both contexts.
      
      An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
      External documentation Hide attribute Show attribute
    - allow_restricted_indices boolean Generally available
      Set to true if using wildcard or regular expressions for patterns that cover restricted indices. Implicitly, restricted indices have limited privileges that can cause pattern tests to fail. If restricted indices are explicitly included in the names list, Elasticsearch checks privileges against these indices regardless of the value set for allow_restricted_indices.
  - remote_indices array[object] Generally available; Added in 8.14.0
    A list of indices permissions for remote clusters.
    
    The subset of index level privileges that can be defined for remote clusters.
    Hide remote_indices attributes Show remote_indices attributes object
    - clusters string | array[string] Required
    - Hide field_security attributes Show field_security attributes object
      - except string | array[string]
      - grant string | array[string]
    - names string | array[string] Required
      A list of indices (or index name patterns) to which the permissions in this entry apply.
    - privileges array[string] Required
      The index level privileges that owners of the role have on the specified indices.
    - query string | object
      While creating or updating a role you can provide either a JSON structure or a string to the API. However, the response provided by Elasticsearch will only be string with a json-as-text content.
      
      Since this is embedded in IndicesPrivileges, the same structure is used for clarity in both contexts.
      
      An Elasticsearch Query DSL (Domain Specific Language) object that defines a query.
      External documentation Hide attribute Show attribute
    - allow_restricted_indices boolean Generally available
      Set to true if using wildcard or regular expressions for patterns that cover restricted indices. Implicitly, restricted indices have limited privileges that can cause pattern tests to fail. If restricted indices are explicitly included in the names list, Elasticsearch checks privileges against these indices regardless of the value set for allow_restricted_indices.
  - remote_cluster array[object] Generally available; Added in 8.15.0
    A list of cluster permissions for remote clusters. NOTE: This is limited a subset of the cluster permissions.
    
    The subset of cluster level privileges that can be defined for remote clusters.
    Hide remote_cluster attributes Show remote_cluster attributes object
    - clusters string | array[string] Required
    - privileges array[string] Required
      The cluster level privileges that owners of the role have on the remote cluster.
      
      Values are monitor_enrich or monitor_stats.
  - global array[object] | object
    An object defining global privileges. A global privilege is a form of cluster privilege that is request-aware. Support for global privileges is currently limited to the management of application privileges.
    Hide attribute Show attribute object
    - application object Required Hide application attribute Show application attribute object
    Hide attribute Show attribute
    - application object Required Hide application attribute Show application attribute object
      - Hide manage attribute Show manage attribute object
        
        applications array[string] Required
  - applications array[object]
    A list of application privilege entries
    Hide applications attributes Show applications attributes object
    - application string Required
      The name of the application to which this entry applies.
    - privileges array[string] Required
      A list of strings, where each element is the name of an application privilege or action.
    - resources array[string] Required
      A list resources to which the privileges are applied.
  - Hide metadata attribute Show metadata attribute object
    - * object Additional properties
  - A list of users that the API keys can impersonate. NOTE: In Elastic Cloud Serverless, the run-as feature is disabled. For API compatibility, you can still specify an empty run_as field, but a non-empty list will be rejected.
  - Optional description of the role descriptor
  - Hide restriction attribute Show restriction attribute object
    - workflows array[string] Required
      A list of workflows to which the API key is restricted. NOTE: In order to use a role restriction, an API key must be created with a single role descriptor.
  - transient_metadata object Hide transient_metadata attribute Show transient_metadata attribute object
    - * object Additional properties
Hide metadata attribute Show metadata attribute object
- * object Additional properties

Responses

Hide response attributes Show response attributes object
- Generated API key.
- Expiration in milliseconds for the API key.
- encoded string Required Generally available; Added in 7.16.0
  API key credentials which is the base64-encoding of the UTF-8 representation of id and api_key joined by a colon (:).

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4