github-mirrors/elasticsearch
1
0
Fork 0
mirror of https://github.com/elastic/elasticsearch.git synced 2025-06-30 10:23:41 -04:00
Code Issues Projects Releases Packages Wiki Activity
elasticsearch/docs/java-rest/high-level/security/enroll_kibana.asciidoc
Ioannis Kakavas a59684835d
Enroll Kibana API uses Service Accounts (#76370) 
This commit changes the Enroll Kibana API to create and return
a token for this service account, instead of setting and returning the
password of the kibana_system built-in user. Both the token name and
value are returned in the response of the API.
2021-08-17 14:41:35 +03:00

51 lines
2 KiB
Text
Raw Blame History

--
:api: kibana-enrollment
:request: KibanaEnrollmentRequest
:response: KibanaEnrollmentResponse
--
[id="{upid}-{api}"]
=== Enroll Kibana API
Allows a kibana instance to configure itself to communicate with a secured {es} cluster.
include::../execution.asciidoc[]
[id="{upid}-{api}-response"]
==== Enroll Kibana Response
The returned +{response}+ allows to retrieve information about the
executed operation as follows:
["source","java",subs="attributes,callouts,macros"]
--------------------------------------------------
include-tagged::{doc-tests}/EnrollmentDocumentationIT.java[{api}-response]
--------------------------------------------------
<1> The bearer token for the `elastic/kibana` service account.
Use this token to {ref}/service-accounts.html#authenticate-with-service-account-token[authenticate the service account] with {es}.
<2> The value of the bearer token for the `elastic/kibana` service account.
<3> The CA certificate used to sign the node certificates that {es} uses for TLS
on the HTTP layer. The certificate is returned as a Base64 encoded string of the
ASN.1 DER encoding of the certificate.
[id="{upid}-{api}-execute-async"]
==== Asynchronous Execution
This request can be executed asynchronously using the `security().enrollClientAsync()`
method:
["source","java",subs="attributes,callouts,macros"]
--------------------------------------------------
include-tagged::{doc-tests}/EnrollmentDocumentationIT.java[{api}-execute-async]
--------------------------------------------------
A typical listener for a `KibanaEnrollmentResponse` looks like:
["source","java",subs="attributes,callouts,macros"]
--------------------------------------------------
include-tagged::{doc-tests}/EnrollmentDocumentationIT.java[{api}-execute-listener]
--------------------------------------------------
<1> Called when the execution is successfully completed. The response is
provided as an argument
<2> Called in case of failure. The raised exception is provided as an argument
Reference in a new issue View git blame Copy permalink