mirror of
https://github.com/elastic/kibana.git
synced 2025-04-23 17:28:26 -04:00
d489a2a3ab
removed ` characters from the API request. ## Summary Summarize your PR. If it involves visual changes include a screenshot or gif. ### Checklist Delete any items that are not applicable to this PR. - [ ] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] Any UI touched in this PR is usable by keyboard only (learn more about [keyboard accessibility](https://webaim.org/techniques/keyboard/)) - [ ] Any UI touched in this PR does not create any new axe failures (run axe in browser: [FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/), [Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US)) - [ ] If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the [docker list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker) - [ ] This renders correctly on smaller devices using a responsive layout. (You can test this [in your browser](https://www.browserstack.com/guide/responsive-testing-on-local-server)) - [ ] This was checked for [cross-browser compatibility](https://www.elastic.co/support/matrix#matrix_browsers) ### Risk Matrix Delete this section if it is not applicable to this PR. Before closing this PR, invite QA, stakeholders, and other developers to identify risks that should be tested prior to the change/feature release. When forming the risk matrix, consider some of the following examples and how they may potentially impact the change: | Risk | Probability | Severity | Mitigation/Notes | |---------------------------|-------------|----------|-------------------------| | Multiple Spaces—unexpected behavior in non-default Kibana Space. | Low | High | Integration tests will verify that all features are still supported in non-default Kibana Space and when user switches between spaces. | | Multiple nodes—Elasticsearch polling might have race conditions when multiple Kibana nodes are polling for the same tasks. | High | Low | Tasks are idempotent, so executing them multiple times will not result in logical error, but will degrade performance. To test for this case we add plenty of unit tests around this logic and document manual testing procedure. | | Code should gracefully handle cases when feature X or plugin Y are disabled. | Medium | High | Unit tests will verify that any feature flag or plugin combination still results in our service operational. | | [See more potential risk examples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) | ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
109 lines
4 KiB
Text
109 lines
4 KiB
Text
[[api]]
|
|
= REST API
|
|
|
|
Some {kib} features are provided via a REST API, which is ideal for creating an
|
|
integration with {kib}, or automating certain aspects of configuring and
|
|
deploying {kib}.
|
|
|
|
[float]
|
|
[[using-apis]]
|
|
== Using the APIs
|
|
|
|
Prepend any {kib} API endpoint with `kbn:` and send the request through <<console-kibana, Dev Tools > Console>>.
|
|
For example:
|
|
|
|
[source,sh]
|
|
--------------------------------------------------
|
|
GET kbn:/api/index_management/indices
|
|
--------------------------------------------------
|
|
|
|
Note: this will automatically prefix `s/{space_id}/` on the API request if ran from a non-default Kibana Space.
|
|
|
|
[float]
|
|
[[api-authentication]]
|
|
=== Authentication
|
|
The {kib} APIs support key- and token-based authentication.
|
|
|
|
[float]
|
|
[[token-api-authentication]]
|
|
==== Token-based authentication
|
|
|
|
To use token-based authentication, you use the same username and password that you use to log into Elastic.
|
|
In a given HTTP tool, and when available, you can select to use its 'Basic Authentication' option,
|
|
which is where the username and password are stored in order to be passed as part of the call.
|
|
|
|
[float]
|
|
[[key-authentication]]
|
|
==== Key-based authentication
|
|
|
|
To use key-based authentication, you create an API key using the Elastic Console, then specify the key in the header of your API calls.
|
|
|
|
For information about API keys, refer to <<api-keys,API keys>>.
|
|
|
|
[float]
|
|
[[api-calls]]
|
|
=== API calls
|
|
API calls are stateless. Each request that you make happens in isolation from other calls and must include all of the necessary information for {kib} to fulfill the request. API requests return JSON output, which is a format that is machine-readable and works well for automation.
|
|
|
|
Calls to the API endpoints require different operations. To interact with the {kib} APIs, use the following operations:
|
|
|
|
* *GET* - Fetches the information.
|
|
|
|
* *POST* - Adds new information.
|
|
|
|
* *PUT* - Updates the existing information.
|
|
|
|
* *DELETE* - Removes the information.
|
|
|
|
[float]
|
|
[[api-request-headers]]
|
|
=== Request headers
|
|
|
|
For all APIs, you must use a request header. The {kib} APIs support the `kbn-xsrf` and `Content-Type` headers.
|
|
|
|
`kbn-xsrf: true`::
|
|
By default, you must use `kbn-xsrf` for all API calls, except in the following scenarios:
|
|
|
|
* The API endpoint uses the `GET` or `HEAD` operations
|
|
* The path is allowed using the <<settings-xsrf-allowlist, `server.xsrf.allowlist`>> setting
|
|
* XSRF protections are disabled using the <<settings-xsrf-disableProtection, `server.xsrf.disableProtection`>> setting
|
|
|
|
`Content-Type: application/json`::
|
|
Applicable only when you send a payload in the API request. {kib} API requests and responses use JSON.
|
|
Typically, if you include the `kbn-xsrf` header, you must also include the `Content-Type` header.
|
|
|
|
Request header example:
|
|
|
|
[source,sh]
|
|
--------------------------------------------
|
|
curl -X POST \
|
|
http://localhost:5601/api/spaces/space \
|
|
-H 'Content-Type: application/json' \
|
|
-H 'kbn-xsrf: true' \
|
|
-d '{
|
|
"id": "sales",
|
|
"name": "Sales",
|
|
"description": "This is your Sales Space!",
|
|
"disabledFeatures": []
|
|
}
|
|
'
|
|
--------------------------------------------
|
|
|
|
|
|
include::{kib-repo-dir}/api/features.asciidoc[]
|
|
include::{kib-repo-dir}/api/spaces-management.asciidoc[]
|
|
include::{kib-repo-dir}/api/role-management.asciidoc[]
|
|
include::{kib-repo-dir}/api/session-management.asciidoc[]
|
|
include::{kib-repo-dir}/api/saved-objects.asciidoc[]
|
|
include::{kib-repo-dir}/api/data-views.asciidoc[]
|
|
include::{kib-repo-dir}/api/index-patterns.asciidoc[]
|
|
include::{kib-repo-dir}/api/alerting.asciidoc[]
|
|
include::{kib-repo-dir}/api/actions-and-connectors.asciidoc[]
|
|
include::{kib-repo-dir}/api/cases.asciidoc[]
|
|
include::{kib-repo-dir}/api/dashboard-api.asciidoc[]
|
|
include::{kib-repo-dir}/api/logstash-configuration-management.asciidoc[]
|
|
include::{kib-repo-dir}/api/machine-learning.asciidoc[]
|
|
include::{kib-repo-dir}/api/osquery-manager.asciidoc[]
|
|
include::{kib-repo-dir}/api/short-urls.asciidoc[]
|
|
include::{kib-repo-dir}/api/task-manager/health.asciidoc[]
|
|
include::{kib-repo-dir}/api/upgrade-assistant.asciidoc[]
|