Creates an API key on behalf of another user.
This API is similar to Create API Key API, however it creates the API key for a user that is different than the user that runs the API.
GrantApiKeyRequest contains authentication credentials for the user on whose behalf
the API key will be created, a grant type (which indicates whether the
credentials are an access token or a user ID and password), and API key details.
The API key details include a name for the API key, an optional list of role
descriptors to define permissions, and an optional expiration for the
generated API key. If expiration is not provided, by default the API keys do not
CreateApiKeyRequest createApiKeyRequest = new CreateApiKeyRequest(name, roles, expiration, refreshPolicy, metadata); GrantApiKeyRequest.Grant grant = GrantApiKeyRequest.Grant.passwordGrant(username, password); GrantApiKeyRequest grantApiKeyRequest = new GrantApiKeyRequest(grant, createApiKeyRequest);
When executing a
GrantApiKeyRequest in the following manner, the client waits
CreateApiKeyResponse to be returned before continuing with code execution:
CreateApiKeyResponse apiKeyResponse = client.security().grantApiKey(grantApiKeyRequest, RequestOptions.DEFAULT);
Synchronous calls may throw an
IOException in case of either failing to
parse the REST response in the high-level REST client, the request times out
or similar cases where there is no response coming back from the server.
In cases where the server returns a
5xx error code, the high-level
client tries to parse the response body error details instead and then throws
ElasticsearchException and adds the original
ResponseException as a
suppressed exception to it.
GrantApiKeyRequest can also be done in an asynchronous fashion so that
the client can return directly. Users need to specify how the response or
potential failures will be handled by passing the request and a listener to the
asynchronous grant-api-key method:
The asynchronous method does not block and returns immediately. Once it is
ActionListener is called back using the
if the execution successfully completed or using the
onFailure method if
it failed. Failure scenarios and expected exceptions are the same as in the
synchronous execution case.
A typical listener for
grant-api-key looks like:
CreateApiKeyResponse contains an ID, API key, name for the API key, and