github-mirrors/elasticsearch
1
0
Fork 0
mirror of https://github.com/elastic/elasticsearch.git synced 2025-06-30 02:13:33 -04:00
Code Issues Projects Releases Packages Wiki Activity
elasticsearch/docs/reference/rest-api/security/clear-service-token-caches.asciidoc
Lisa Cawley 8a821f0a96
[DOCS] More links to new API site (#119380)
2024-12-31 12:02:59 -08:00

78 lines
2.4 KiB
Text
Raw Blame History

[role="xpack"]
[[security-api-clear-service-token-caches]]
=== Clear service account token caches API
++++
<titleabbrev>Clear service account token caches</titleabbrev>
++++
.New API reference
[sidebar]
--
For the most up-to-date API details, refer to {api-es}/group/endpoint-security[Security APIs].
--
Evicts a subset of all entries from the <<service-accounts,service account>>
token caches.
[[security-api-clear-service-token-caches-request]]
==== {api-request-title}
`POST /_security/service/{namespace}/{service}/credential/token/{token_name}/_clear_cache`
[[security-api-clear-service-token-caches-prereqs]]
==== {api-prereq-title}
* To use this API, you must have at least the `manage_security`
<<privileges-list-cluster,cluster privilege>>.
[[security-api-clear-service-token-caches-desc]]
==== {api-description-title}
Two, separate caches exist for service account tokens: one cache for tokens
backed by the `service_tokens` file, and another for tokens backed by the
`.security` index. This API clears matching entries from both caches.
The cache for service account tokens backed by the `.security` index is cleared
automatically on state changes of the security index. The cache for tokens
backed by the `service_tokens` file is cleared automatically on file changes.
See <<service-accounts,Service accounts>> for more information.
[[security-api-clear-service-token-caches-path-params]]
==== {api-path-parms-title}
`namespace`::
(Required, string) Name of the namespace.
`service`::
(Required, string) Name of the service name.
`token_name`::
(Required, string) Comma-separated list of token names to evict from the
service account token caches. Use a wildcard (`*`) to evict all tokens that
belong to a service account. Does not support other wildcard patterns.
[[security-api-clear-service-token-caches-example]]
==== {api-examples-title}
The following request clears the service account token cache for the `token1`
token:
[source,console]
----
POST /_security/service/elastic/fleet-server/credential/token/token1/_clear_cache
----
Specify multiple token names as a comma-separated list:
[source,console]
----
POST /_security/service/elastic/fleet-server/credential/token/token1,token2/_clear_cache
----
To clear all entries from the service account token caches, use a wildcard
(`*`) in place of token names:
[source,console]
----
POST /_security/service/elastic/fleet-server/credential/token/*/_clear_cache
----
Reference in a new issue View git blame Copy permalink