github-mirrors/elasticsearch
1
0
Fork 0
mirror of https://github.com/elastic/elasticsearch.git synced 2025-06-28 17:34:17 -04:00
Code Issues Projects Releases Packages Wiki Activity
elasticsearch/docs/reference/rest-api/security/enroll-kibana.asciidoc
James Rodewig 255c9a7f95
[DOCS] Move x-pack docs to docs/reference dir (#99209) 
**Problem:**
For historical reasons, source files for the Elasticsearch Guide's security, watcher, and Logstash API docs are housed in the `x-pack/docs` directory. This can confuse new contributors who expect Elasticsearch Guide docs to be located in `docs/reference`. 

**Solution:**
- Move the security, watcher, and Logstash API doc source files to the `docs/reference` directory
- Update doc snippet tests to use security

Rel: https://github.com/elastic/platform-docs-team/issues/208
2023-09-12 14:53:41 -04:00

50 lines
1.6 KiB
Text
Raw Blame History

[[security-api-kibana-enrollment]]
=== Enroll {kib} API
++++
<titleabbrev>Enroll {kib}</titleabbrev>
++++
Enables a {kib} instance to configure itself for communication with a secured {es} cluster.
NOTE: This API is currently intended for internal use only by {kib}.
[[security-api-kibana-enrollment-request]]
==== {api-request-title}
`GET /_security/enroll/kibana`
[[security-api-kibana-enrollment-desc]]
==== {api-description-title}
{kib} uses this API internally to configure itself for communications with an
{es} cluster that already has security features enabled.
[[security-api-client-enrollment-examples]]
==== {api-examples-title}
The following example shows how to enroll a {kib} instance.
[source,console]
----
GET /_security/enroll/kibana
----
// TEST[skip:we need to enable HTTP TLS for the docs cluster]
The API returns the following response:
[source,console_result]
----
{
"token" : {
"name" : "enroll-process-token-1629123923000", <1>
"value": "AAEAAWVsYXN0aWM...vZmxlZXQtc2VydmVyL3Rva2VuMTo3TFdaSDZ" <2>
},
"http_ca" : "MIIJlAIBAzVoGCSqGSIb3...vsDfsA3UZBAjEPfhubpQysAICAA=", <3>
}
----
<1> The name of the bearer token for the `elastic/kibana` service account.
<2> The value of the bearer token for the `elastic/kibana` service account.
Use this value to {ref}/service-accounts.html#authenticate-with-service-account-token[authenticate the service account] with {es}.
<3> The CA certificate used to sign the node certificates that {es} uses for TLS
on the HTTP layer. The certificate is returned as a Base64 encoded string of the
ASN.1 DER encoding of the certificate.
Reference in a new issue View git blame Copy permalink