Create API key

POST /users/auth/keys
Basic auth Api key

Creates a new API key.

application/json

Body Required

The request to create the API key

  • description string Required

    API key description. Useful if there are multiple keys

  • expiration string

    The optional expiration for the API key, provided as a duration (ex: '1d', '3h')

  • role_assignments object

    The roles that will be assigned to users once they accept the invitation. Currently unavailable in self-hosted ECE.

    Hide role_assignments attributes Show role_assignments attributes object
    • platform array[object]

      Assignments for roles with platform scope.

      Assignment for a role with platform scope.

      Hide platform attribute Show platform attribute object
      • role_id string Required

        The ID of the role that is assigned.

    • organization array[object]

      Assignments for roles with organization scope.

      Assignment for a role with organization scope.

      Hide organization attributes Show organization attributes object
      • role_id string Required

        The ID of the role that is assigned.

      • organization_id string Required

        The ID of the organization the role is scoped to.

    • deployment array[object]

      Assignments for roles with deployment scope.

      Assignment for a role with deployment scope.

      Hide deployment attributes Show deployment attributes object
      • role_id string Required

        The ID of the role that is assigned.

      • organization_id string Required

        The ID of the organization the role is scoped to.

      • all boolean

        When true, the role applies to all deployments in the organization, otherwise the role is scoped to the deployments specified in deployment_ids.

      • deployment_ids array[string]

        The IDs of the deployments the role is scoped to. Must be absent if all is true, and present if all is false.

      • application_roles array[string]

        If provided, the user assigned this role assignment will be granted this application role when signing in to the deployment(s) specified in the role assignment.

    • project object

      Assignments for roles with project scope.

      Hide project attributes Show project attributes object
      • elasticsearch array[object]

        The Elasticsearch project-scoped role assignments to set

        Assignment for a role with project scope.

        Hide elasticsearch attributes Show elasticsearch attributes object
        • role_id string Required

          The ID of the role that is assigned.

        • organization_id string Required

          The ID of the organization the role is scoped to.

        • all boolean

          When true, the role applies to all projects in the organization, otherwise the role is scoped to the projects specified in project_ids.

        • project_ids array[string]

          The IDs of the projects the role is scoped to. Must be absent if all is true, and present if all is false.

        • application_roles array[string]

          If provided, the user assigned this role assignment will be granted this application role when signing in to the project(s) specified in the role assignment.

      • observability array[object]

        The Observability project-scoped role assignments to set

        Assignment for a role with project scope.

        Hide observability attributes Show observability attributes object
        • role_id string Required

          The ID of the role that is assigned.

        • organization_id string Required

          The ID of the organization the role is scoped to.

        • all boolean

          When true, the role applies to all projects in the organization, otherwise the role is scoped to the projects specified in project_ids.

        • project_ids array[string]

          The IDs of the projects the role is scoped to. Must be absent if all is true, and present if all is false.

        • application_roles array[string]

          If provided, the user assigned this role assignment will be granted this application role when signing in to the project(s) specified in the role assignment.

      • security array[object]

        The Security project-scoped role assignments to set

        Assignment for a role with project scope.

        Hide security attributes Show security attributes object
        • role_id string Required

          The ID of the role that is assigned.

        • organization_id string Required

          The ID of the organization the role is scoped to.

        • all boolean

          When true, the role applies to all projects in the organization, otherwise the role is scoped to the projects specified in project_ids.

        • project_ids array[string]

          The IDs of the projects the role is scoped to. Must be absent if all is true, and present if all is false.

        • application_roles array[string]

          If provided, the user assigned this role assignment will be granted this application role when signing in to the project(s) specified in the role assignment.

Responses

  • 201 application/json

    The API key is created and returned in the body of the response.

    Hide response attributes Show response attributes object
    • id string Required

      The API key ID.

    • user_id string

      The user ID.

    • organization_id string

      The organization ID linked to the API key

    • description string Required

      The API key description. TIP: Useful when you have multiple API keys.

    • key string

      The API key. TIP: Since the API key is returned only once, save it in a safe place.

    • creation_date string(date-time) Required

      The date/time for when the API key is created.

    • expiration_date string(date-time)

      The date/time when the API key expires.

    • role_assignments object

      The roles that will be assigned to users once they accept the invitation. Currently unavailable in self-hosted ECE.

      Hide role_assignments attributes Show role_assignments attributes object
      • platform array[object]

        Assignments for roles with platform scope.

        Assignment for a role with platform scope.

        Hide platform attribute Show platform attribute object
        • role_id string Required

          The ID of the role that is assigned.

      • organization array[object]

        Assignments for roles with organization scope.

        Assignment for a role with organization scope.

        Hide organization attributes Show organization attributes object
        • role_id string Required

          The ID of the role that is assigned.

        • organization_id string Required

          The ID of the organization the role is scoped to.

      • deployment array[object]

        Assignments for roles with deployment scope.

        Assignment for a role with deployment scope.

        Hide deployment attributes Show deployment attributes object
        • role_id string Required

          The ID of the role that is assigned.

        • organization_id string Required

          The ID of the organization the role is scoped to.

        • all boolean

          When true, the role applies to all deployments in the organization, otherwise the role is scoped to the deployments specified in deployment_ids.

        • deployment_ids array[string]

          The IDs of the deployments the role is scoped to. Must be absent if all is true, and present if all is false.

        • application_roles array[string]

          If provided, the user assigned this role assignment will be granted this application role when signing in to the deployment(s) specified in the role assignment.

      • project object

        Assignments for roles with project scope.

        Hide project attributes Show project attributes object
        • elasticsearch array[object]

          The Elasticsearch project-scoped role assignments to set

          Assignment for a role with project scope.

          Hide elasticsearch attributes Show elasticsearch attributes object
          • role_id string Required

            The ID of the role that is assigned.

          • organization_id string Required

            The ID of the organization the role is scoped to.

          • all boolean

            When true, the role applies to all projects in the organization, otherwise the role is scoped to the projects specified in project_ids.

          • project_ids array[string]

            The IDs of the projects the role is scoped to. Must be absent if all is true, and present if all is false.

          • application_roles array[string]

            If provided, the user assigned this role assignment will be granted this application role when signing in to the project(s) specified in the role assignment.

        • observability array[object]

          The Observability project-scoped role assignments to set

          Assignment for a role with project scope.

          Hide observability attributes Show observability attributes object
          • role_id string Required

            The ID of the role that is assigned.

          • organization_id string Required

            The ID of the organization the role is scoped to.

          • all boolean

            When true, the role applies to all projects in the organization, otherwise the role is scoped to the projects specified in project_ids.

          • project_ids array[string]

            The IDs of the projects the role is scoped to. Must be absent if all is true, and present if all is false.

          • application_roles array[string]

            If provided, the user assigned this role assignment will be granted this application role when signing in to the project(s) specified in the role assignment.

        • security array[object]

          The Security project-scoped role assignments to set

          Assignment for a role with project scope.

          Hide security attributes Show security attributes object
          • role_id string Required

            The ID of the role that is assigned.

          • organization_id string Required

            The ID of the organization the role is scoped to.

          • all boolean

            When true, the role applies to all projects in the organization, otherwise the role is scoped to the projects specified in project_ids.

          • project_ids array[string]

            The IDs of the projects the role is scoped to. Must be absent if all is true, and present if all is false.

          • application_roles array[string]

            If provided, the user assigned this role assignment will be granted this application role when signing in to the project(s) specified in the role assignment.
  • 400 application/json

    The request is invalid. Specify a different request, then try again. (code: api_keys.invalid_input)

    Hide headers attribute Show headers attribute
    • x-cloud-error-codes string

      The error codes associated with the response

      Value is api_keys.invalid_input.

    Hide response attribute Show response attribute object
    • errors array[object] Required

      A list of errors that occurred in the failing request

      Hide errors attributes Show errors attributes object
      • code string Required

        A structured code representing the error type that occurred

      • message string Required

        A human readable message describing the error that occurred

      • fields array[string]

        If the error can be tied to a specific field or fields in the user request, this lists those fields
POST /users/auth/keys 
curl \
 --request POST 'https://{{hostname}}/api/v1/users/auth/keys' \
 --user "username:password" \
 --header "Content-Type: application/json" \
 --data '{"description":"string","expiration":"string","role_assignments":{"platform":[{"role_id":"string"}],"organization":[{"role_id":"string","organization_id":"string"}],"deployment":[{"role_id":"string","organization_id":"string","all":true,"deployment_ids":["string"],"application_roles":["string"]}],"project":{"elasticsearch":[{"role_id":"string","organization_id":"string","all":true,"project_ids":["string"],"application_roles":["string"]}],"observability":[{"role_id":"string","organization_id":"string","all":true,"project_ids":["string"],"application_roles":["string"]}],"security":[{"role_id":"string","organization_id":"string","all":true,"project_ids":["string"],"application_roles":["string"]}]}}}'