github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-06-29 03:24:45 -04:00
Code Issues Projects Releases Packages Wiki Activity
kibana/docs/user/security/api-keys/index.asciidoc
florent-leborgne 8e7fb7a77e
[Docs] Update nav instructions and sample data installation to accommodate for the solution views (#199163) 
This PR:
- updates navigation instructions to accommodate for the navigation
changes related to solution views.
- updates instructions for adding sample data to rely on the
integrations page instead of the home page, that only exists with the
classic solution view
- updates references to the home page to avoid confusing users using one
of the new solution views

Closes: https://github.com/elastic/platform-docs-team/issues/529
Closes: https://github.com/elastic/platform-docs-team/issues/540
2024-11-08 11:10:32 +01:00

70 lines
3.6 KiB
Text
Raw Blame History

[role="xpack"]
[[api-keys]]
=== API Keys
API keys are security mechanisms used to authenticate and authorize access to {es} resources. They ensure that only authorized users or applications interact with {es}.
For example, if you extract data from an {es} cluster on a daily basis, you might create an API key tied to your credentials, configure it with minimum access, and then put the API credentials into a cron job. Or you might create API keys to automate ingestion of new data from remote sources, without a live user interaction.
You can use {kib} to manage your different API keys:
* User API key: allows external services to access the Elastic Stack on behalf of a user.
* Cross-cluster API key: allows other clusters to connect to this cluster.
* Managed API key: created and managed by Kibana to run background tasks.
To manage API keys, go to the *API Keys* management page using the navigation menu or the
<<kibana-navigation-search,global search field>>.
[role="screenshot"]
image:images/api-keys.png["API Keys UI"]
[float]
[[api-keys-security-privileges]]
=== Security privileges
* To use API keys in {kib}, you must have the `manage_security`, `manage_api_key`, or the `manage_own_api_key` cluster privileges.
* To delete API keys, you must have the `manage_api_key` or `manage_own_api_key` privileges.
* To create or update a *user API key*, you must have the `manage_api_key` or the `manage_own_api_key` privilege.
* To create or update a *cross-cluster API key*, you must have the `manage_security` privilege and an Enterprise license.
* To have a read-only view on the API keys, you must have access to the page and the `read_security` cluster privilege.
To manage roles, go to the *Roles* management page using the navigation menu or the
<<kibana-navigation-search,global search field>>, or use the {api-kibana}/group/endpoint-roles[role APIs].
[float]
[[create-api-key]]
=== Create an API key
To create an API key, go to the *API Keys* management page using the navigation menu or the
<<kibana-navigation-search,global search field>>, and select *Create API key*.
[role="screenshot"]
image:images/create-ccr-api-key.png["Create API Key UI"]
Refer to the {ref}/security-api-create-api-key.html[create API key] documentation to learn more about creating user API keys.
Refer to the {ref}/security-api-create-cross-cluster-api-key.html[create cross-cluster API key] documentation to learn more about creating cross-cluster API keys.
[float]
[[udpate-api-key]]
=== Update an API key
To update an API key, go to the *API Keys* management page using the navigation menu or the
<<kibana-navigation-search,global search field>>, and then click on the name of the key. You cannot update the name or the type of API key.
Refer to the {ref}/security-api-update-api-key.html[update API key] documentation to learn more about updating user API keys.
Refer to the {ref}/security-api-update-cross-cluster-api-key.html[update cross-cluster API key] documentation to learn more about updating cross-cluster API keys.
[float]
[[view-api-keys]]
=== View and delete API keys
The *API Keys* feature in {kib} lists your API keys, including the name, date created, and status. If an API key expires, its status changes from `Active` to `Expired`.
If you have `manage_security` or `manage_api_key` permissions, you can view the API keys of all users, and see which API key was created by which user in which realm.
If you have only the `manage_own_api_key` permission, you see only a list of your own keys.
You can delete API keys individually or in bulk, but you need the `manage_api_keys` or `manage_own_api_key` privileges.
Reference in a new issue View git blame Copy permalink