## Summary
API keys can now be updated via the API Keys Management screen
## Release Note
API Keys can now be updated with new Role Descriptors and Metadata via
the API Keys Management screen.
## Testing Instructions
Login as `elastic`
Navigate to Roles and create a new role with the `read_security` cluster
privilege:
<img width="962" alt="Screen Shot 2022-11-30 at 9 42 31 AM"
src="https://user-images.githubusercontent.com/21210601/204826868-a8f6bf03-acf8-404c-90c8-e2b9ab62dc11.png">
Create a new user and assign that new role, `viewer`, and
`kibana_admin`:
<img width="936" alt="Screen Shot 2022-11-30 at 9 43 10 AM"
src="https://user-images.githubusercontent.com/21210601/204827030-e5f97f8e-6676-4c18-8a46-f6afee87ba12.png">
Navigate to Dev Tools and run the following:
```json
POST /_security/api_key/grant
{
"grant_type": "password",
"username" : "elastic",
"password" : "changeme",
"run_as": "elastic",
"api_key" : {
"name": "test-expired-key",
"expiration": "1ms"
}
}
POST /_security/api_key/grant
{
"grant_type": "password",
"username" : "elastic",
"password" : "changeme",
"run_as": "test_user",
"api_key" : {
"name": "test-user-key",
"expiration": "1d"
}
}
```
The first command will create an API key for the `elastic` user that
expires immediately.
The second command will create an API key for `test_user`.
Navigate to the API Key page, click the name column links to see a
readonly view for the 2 previously created keys as users cannot update
an API key that belongs to another user nor an API key that is expired.
Create a new API key:
<img width="632" alt="Screen Shot 2022-11-30 at 9 44 52 AM"
src="https://user-images.githubusercontent.com/21210601/204829114-672c6583-8801-4af0-bfa8-64ae1072ef46.png">
Click the name link for the newly created API key to see the Update API
key flyout.
Update the fields and click submit:
<img width="642" alt="Screen Shot 2022-11-30 at 9 45 59 AM"
src="https://user-images.githubusercontent.com/21210601/204829914-9fb1f8e6-8b3f-4acc-b63f-d7e4a0906727.png">
If the update was successful:
<img width="904" alt="Screen Shot 2022-11-30 at 9 46 42 AM"
src="https://user-images.githubusercontent.com/21210601/204830133-1dcb083b-f945-4980-9e91-19081c224b55.png">
Now click the name link again for the updated key and click submit
without making changes. You should see a warning:
<img width="895" alt="Screen Shot 2022-11-30 at 9 46 52 AM"
src="https://user-images.githubusercontent.com/21210601/204830570-2ca5e2e0-19b6-43ce-b7e4-ae594be6a86b.png">
Logout the `elastic` user and login as `test_user`
Navigate to API Keys and click the existing API Key to see a readonly
view flyout:
<img width="639" alt="Screen Shot 2022-11-30 at 9 58 25 AM"
src="https://user-images.githubusercontent.com/21210601/204832019-640ecd2e-4bcb-402b-a164-e8b8eb9f8848.png">
Thanks for reviewing!
Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Adding deprecation warning for Interactive Users using ApiKeys
* Fixing unit test verbiage
* Update docs/user/security/authentication/index.asciidoc
Co-authored-by: Larry Gregory <lgregorydev@gmail.com>
* Update docs/user/security/api-keys/index.asciidoc
Co-authored-by: Larry Gregory <lgregorydev@gmail.com>
* Changing capitalization on 'keys' to avoid confusion with the UI API Keys
* Update docs/user/security/api-keys/index.asciidoc
Co-authored-by: Larry Gregory <lgregorydev@gmail.com>
* Update docs/user/security/authentication/index.asciidoc
Co-authored-by: Larry Gregory <lgregorydev@gmail.com>
* Changing the logging message and unit test descriptions based on PR review feedback
* Update x-pack/plugins/security/server/routes/analytics/authentication_type.test.ts
Co-authored-by: Aleh Zasypkin <aleh.zasypkin@gmail.com>
* Update x-pack/plugins/security/server/routes/analytics/authentication_type.ts
Co-authored-by: Aleh Zasypkin <aleh.zasypkin@gmail.com>
* Update x-pack/plugins/security/server/routes/analytics/authentication_type.ts
Co-authored-by: Aleh Zasypkin <aleh.zasypkin@gmail.com>
* Removing unnecessary whitespace
* Fixing spelling in unit test assertion
Co-authored-by: Larry Gregory <lgregorydev@gmail.com>
Co-authored-by: Aleh Zasypkin <aleh.zasypkin@gmail.com>
