Retrieves a list of security realm configurations. NOTE: This is a beta feature.
-
200 - (
SecurityRealmInfoList) The security realm configurations were successfully returned
To perform this operation, you must be authenticated by means of one of the following methods: apiKey, basicAuth.
Reorder security realms. NOTE: This is a beta feature.
(SecurityRealmsReorderRequest) (required) The reorder request
-
200 - (
EmptyResponse) The reorder request was successful -
400 - (
BasicFailedReply) * Invalid ids . (code:security_realm.invalid_ids) * Missing ids . (code:security_realm.missing_ids) -
449 - (
BasicFailedReply) Elevated permissions are required. (code:root.unauthorized.rbac.elevated_permissions_required)
To perform this operation, you must be authenticated by means of one of the following methods: apiKey, basicAuth.
Creates a new LDAP configuration. NOTE: This is a beta feature.
(LdapSettings) (required) The LDAP configuration
-
201 (
EmptyResponse) The LDAP configuration was successfully createdHeaders
-
x-cloud-resource-created(string) - The date-time when the resource was created (ISO format relative to UTC)
-
x-cloud-resource-last-modified(string) - The date-time when the resource was last modified (ISO format relative to UTC)
-
x-cloud-resource-version(string) - The resource version, which is used to avoid update conflicts with concurrent operations
-
-
400 - (
BasicFailedReply) * The realm id is already in use. (code:security_realm.id_conflict) * The selected id is not valid. (code:security_realm.invalid_id) * Order must be greater than zero. (code:security_realm.invalid_order) * Invalid Elasticsearch Security realm type. (code:security_realm.invalid_type) * The realm order is already in use. (code:security_realm.order_conflict) * Advanced YAML format is invalid. (code:security_realm.invalid_yaml) * The url format is invalid. (code:security_realm.invalid_url) * Invalid LDAP URL. (code:security_realm.ldap.invalid_url) * Invalid certificate bundle URL. (code:security_realm.invalid_bundle_url) -
449 - (
BasicFailedReply) Elevated permissions are required. (code:root.unauthorized.rbac.elevated_permissions_required)
To perform this operation, you must be authenticated by means of one of the following methods: apiKey, basicAuth.
curl -XPOST {{hostname}}/api/v1/platform/configuration/security/realms/ldap \
-u $CLOUD_USER:$CLOUD_KEY \
-H 'Content-Type: application/json' \
-d '
{
"bind_anonymously" : true,
"bind_dn" : "string",
"bind_password" : "string",
"bind_type" : "string",
"certificate_url" : "string",
"certificate_url_truststore_password" : "string",
"certificate_url_truststore_type" : "string",
"enabled" : true,
"group_search" : {
"base_dn" : "string",
"filter" : "string",
"scope" : "string",
"user_attribute" : "string"
},
"id" : "string",
"load_balance" : {
"cache_ttl" : "string",
"type" : "string"
},
"name" : "string",
"order" : 0,
"override_yaml" : "string",
"role_mappings" : {
"default_roles" : [
"string"
],
"rules" : [
{
"roles" : [
"string"
],
"type" : "string",
"value" : "string"
}
]
},
"urls" : [
"string"
],
"user_dn_templates" : [
"string"
],
"user_group_attribute" : "string",
"user_search" : {
"base_dn" : "string",
"filter" : "string",
"scope" : "string"
}
}
'Deletes a single LDAP configuration. NOTE: This is a beta feature.
| Name | Type | Required | Description |
|---|---|---|---|
|
| Y | The Elasticsearch Security realm identifier. |
| Name | Type | Required | Description |
|---|---|---|---|
|
| N | When specified, checks for conflicts against the version stored in the persistent store (returned in 'x-cloud-resource-version' of the GET request) |
-
200 - (
EmptyResponse) The LDAP configuration was successfully deleted -
404 - (
BasicFailedReply) The realm specified by {realm_id} cannot be found. (code:security_realm.not_found) -
409 - (
BasicFailedReply) There is a version conflict. (code:security_realm.version_conflict) -
449 - (
BasicFailedReply) Elevated permissions are required. (code:root.unauthorized.rbac.elevated_permissions_required)
To perform this operation, you must be authenticated by means of one of the following methods: apiKey, basicAuth.
Retrieves a single LDAP security realm configuration. NOTE: This is a beta feature.
| Name | Type | Required | Description |
|---|---|---|---|
|
| Y | The Elasticsearch Security realm identifier. |
-
200 (
LdapSettings) The LDAP configuration was successfully retrievedHeaders
-
x-cloud-resource-created(string) - The date-time when the resource was created (ISO format relative to UTC)
-
x-cloud-resource-last-modified(string) - The date-time when the resource was last modified (ISO format relative to UTC)
-
x-cloud-resource-version(string) - The resource version, which is used to avoid update conflicts with concurrent operations
-
-
404 - (
BasicFailedReply) The realm specified by {realm_id} cannot be found. (code:security_realm.not_found)
To perform this operation, you must be authenticated by means of one of the following methods: apiKey, basicAuth.
Updates an existing LDAP configuration. NOTE: This is a beta feature.
| Name | Type | Required | Description |
|---|---|---|---|
|
| Y | The Elasticsearch Security realm identifier. |
| Name | Type | Required | Description |
|---|---|---|---|
|
| N | When specified, checks for conflicts against the version stored in the persistent store (returned in 'x-cloud-resource-version' of the GET request) |
(LdapSettings) (required) The LDAP configuration
-
200 (
EmptyResponse) The LDAP configuration was successfully updatedHeaders
-
x-cloud-resource-created(string) - The date-time when the resource was created (ISO format relative to UTC)
-
x-cloud-resource-last-modified(string) - The date-time when the resource was last modified (ISO format relative to UTC)
-
x-cloud-resource-version(string) - The resource version, which is used to avoid update conflicts with concurrent operations
-
-
400 - (
BasicFailedReply) * The realm id is already in use. (code:security_realm.id_conflict) * The selected id is not valid. (code:security_realm.invalid_id) * Order must be greater than zero. (code:security_realm.invalid_order) * Invalid Elasticsearch Security realm type. (code:security_realm.invalid_type) * The realm order is already in use. (code:security_realm.order_conflict) * Advanced YAML format is invalid. (code:security_realm.invalid_yaml) * The url format is invalid. (code:security_realm.invalid_url) * Invalid LDAP URL. (code:security_realm.ldap.invalid_url) * Invalid certificate bundle URL. (code:security_realm.invalid_bundle_url) -
404 - (
BasicFailedReply) The realm specified by {realm_id} cannot be found. (code:security_realm.not_found) -
409 - (
BasicFailedReply) There is a version conflict. (code:security_realm.version_conflict) -
449 - (
BasicFailedReply) Elevated permissions are required. (code:root.unauthorized.rbac.elevated_permissions_required)
To perform this operation, you must be authenticated by means of one of the following methods: apiKey, basicAuth.
curl -XPUT {{hostname}}/api/v1/platform/configuration/security/realms/ldap/{realm_id} \
-u $CLOUD_USER:$CLOUD_KEY \
-H 'Content-Type: application/json' \
-d '
{
"bind_anonymously" : true,
"bind_dn" : "string",
"bind_password" : "string",
"bind_type" : "string",
"certificate_url" : "string",
"certificate_url_truststore_password" : "string",
"certificate_url_truststore_type" : "string",
"enabled" : true,
"group_search" : {
"base_dn" : "string",
"filter" : "string",
"scope" : "string",
"user_attribute" : "string"
},
"id" : "string",
"load_balance" : {
"cache_ttl" : "string",
"type" : "string"
},
"name" : "string",
"order" : 0,
"override_yaml" : "string",
"role_mappings" : {
"default_roles" : [
"string"
],
"rules" : [
{
"roles" : [
"string"
],
"type" : "string",
"value" : "string"
}
]
},
"urls" : [
"string"
],
"user_dn_templates" : [
"string"
],
"user_group_attribute" : "string",
"user_search" : {
"base_dn" : "string",
"filter" : "string",
"scope" : "string"
}
}
'Creates a new SAML configuration. NOTE: This is a beta feature.
(SamlSettings) (required) The SAML configuration
-
201 (
EmptyResponse) The SAML configuration was successfully createdHeaders
-
x-cloud-resource-created(string) - The date-time when the resource was created (ISO format relative to UTC)
-
x-cloud-resource-last-modified(string) - The date-time when the resource was last modified (ISO format relative to UTC)
-
x-cloud-resource-version(string) - The resource version, which is used to avoid update conflicts with concurrent operations
-
-
400 - (
BasicFailedReply) * The realm id is already in use. (code:security_realm.id_conflict) * The selected id is not valid. (code:security_realm.invalid_id) * Order must be greater than zero. (code:security_realm.invalid_order) * Invalid Elasticsearch Security realm type. (code:security_realm.invalid_type) * The realm order is already in use. (code:security_realm.order_conflict) * Advanced YAML format is invalid. (code:security_realm.invalid_yaml) * The SAML IDP metadata endpoint returned an error response code 200 OK. (code:security_realm.saml.invalid_idp_metadata_url) * Invalid certificate bundle URL. (code:security_realm.invalid_bundle_url) -
449 - (
BasicFailedReply) Elevated permissions are required. (code:root.unauthorized.rbac.elevated_permissions_required)
To perform this operation, you must be authenticated by means of one of the following methods: apiKey, basicAuth.
curl -XPOST {{hostname}}/api/v1/platform/configuration/security/realms/saml \
-u $CLOUD_USER:$CLOUD_KEY \
-H 'Content-Type: application/json' \
-d '
{
"attributes" : {
"dn" : "string",
"groups" : "string",
"mail" : "string",
"name" : "string",
"principal" : "string"
},
"enabled" : true,
"encryption_certificate_url" : "string",
"encryption_certificate_url_password" : "string",
"force_authn" : true,
"id" : "string",
"idp" : {
"entity_id" : "string",
"metadata_path" : "string",
"use_single_logout" : true
},
"name" : "string",
"order" : 0,
"override_yaml" : "string",
"role_mappings" : {
"default_roles" : [
"string"
],
"rules" : [
{
"roles" : [
"string"
],
"type" : "string",
"value" : "string"
}
]
},
"signing_certificate_url" : "string",
"signing_certificate_url_password" : "string",
"signing_saml_messages" : [
"string"
],
"sp" : {
"acs" : "string",
"entity_id" : "string",
"logout" : "string"
},
"ssl_certificate_url" : "string",
"ssl_certificate_url_truststore_password" : "string",
"ssl_certificate_url_truststore_type" : "string"
}
'Deletes a single SAML configuration. NOTE: This is a beta feature.
| Name | Type | Required | Description |
|---|---|---|---|
|
| Y | The Elasticsearch Security realm identifier. |
| Name | Type | Required | Description |
|---|---|---|---|
|
| N | When specified, checks for conflicts against the version stored in the persistent store (returned in 'x-cloud-resource-version' of the GET request) |
-
200 - (
EmptyResponse) The SAML configuration was successfully deleted -
404 - (
BasicFailedReply) The realm specified by {realm_id} cannot be found. (code:security_realm.not_found) -
409 - (
BasicFailedReply) There is a version conflict. (code:security_realm.version_conflict) -
449 - (
BasicFailedReply) Elevated permissions are required. (code:root.unauthorized.rbac.elevated_permissions_required)
To perform this operation, you must be authenticated by means of one of the following methods: apiKey, basicAuth.
Retrieves a single SAML security realm configuration. NOTE: This is a beta feature.
| Name | Type | Required | Description |
|---|---|---|---|
|
| Y | The Elasticsearch Security realm identifier. |
-
200 (
SamlSettings) The SAML configuration was successfully retrievedHeaders
-
x-cloud-resource-created(string) - The date-time when the resource was created (ISO format relative to UTC)
-
x-cloud-resource-last-modified(string) - The date-time when the resource was last modified (ISO format relative to UTC)
-
x-cloud-resource-version(string) - The resource version, which is used to avoid update conflicts with concurrent operations
-
-
404 - (
BasicFailedReply) The realm specified by {realm_id} cannot be found. (code:security_realm.not_found)
To perform this operation, you must be authenticated by means of one of the following methods: apiKey, basicAuth.
Updates an existing SAML configuration. NOTE: This is a beta feature.
| Name | Type | Required | Description |
|---|---|---|---|
|
| Y | The Elasticsearch Security realm identifier. |
| Name | Type | Required | Description |
|---|---|---|---|
|
| N | When specified, checks for conflicts against the version stored in the persistent store (returned in 'x-cloud-resource-version' of the GET request) |
(SamlSettings) (required) The SAML configuration
-
200 (
EmptyResponse) The SAML configuration was successfully updatedHeaders
-
x-cloud-resource-created(string) - The date-time when the resource was created (ISO format relative to UTC)
-
x-cloud-resource-last-modified(string) - The date-time when the resource was last modified (ISO format relative to UTC)
-
x-cloud-resource-version(string) - The resource version, which is used to avoid update conflicts with concurrent operations
-
-
400 - (
BasicFailedReply) * The realm id is already in use. (code:security_realm.id_conflict) * The selected id is not valid. (code:security_realm.invalid_id) * Order must be greater than zero. (code:security_realm.invalid_order) * Invalid Elasticsearch Security realm type. (code:security_realm.invalid_type) * The realm order is already in use. (code:security_realm.order_conflict) * Advanced YAML format is invalid. (code:security_realm.invalid_yaml) * The SAML IDP metadata endpoint returned an error response code 200 OK. (code:security_realm.saml.invalid_idp_metadata_url) * Invalid certificate bundle URL. (code:security_realm.invalid_bundle_url) -
404 - (
BasicFailedReply) The realm specified by {realm_id} cannot be found. (code:security_realm.not_found) -
409 - (
BasicFailedReply) There is a version conflict. (code:security_realm.version_conflict) -
449 - (
BasicFailedReply) Elevated permissions are required. (code:root.unauthorized.rbac.elevated_permissions_required)
To perform this operation, you must be authenticated by means of one of the following methods: apiKey, basicAuth.
curl -XPUT {{hostname}}/api/v1/platform/configuration/security/realms/saml/{realm_id} \
-u $CLOUD_USER:$CLOUD_KEY \
-H 'Content-Type: application/json' \
-d '
{
"attributes" : {
"dn" : "string",
"groups" : "string",
"mail" : "string",
"name" : "string",
"principal" : "string"
},
"enabled" : true,
"encryption_certificate_url" : "string",
"encryption_certificate_url_password" : "string",
"force_authn" : true,
"id" : "string",
"idp" : {
"entity_id" : "string",
"metadata_path" : "string",
"use_single_logout" : true
},
"name" : "string",
"order" : 0,
"override_yaml" : "string",
"role_mappings" : {
"default_roles" : [
"string"
],
"rules" : [
{
"roles" : [
"string"
],
"type" : "string",
"value" : "string"
}
]
},
"signing_certificate_url" : "string",
"signing_certificate_url_password" : "string",
"signing_saml_messages" : [
"string"
],
"sp" : {
"acs" : "string",
"entity_id" : "string",
"logout" : "string"
},
"ssl_certificate_url" : "string",
"ssl_certificate_url_truststore_password" : "string",
"ssl_certificate_url_truststore_type" : "string"
}
'