Security APIsedit

To use the security APIs, you must set xpack.security.enabled to true in the elasticsearch.yml file.

You can use the following APIs to perform security activities.

Application privilegesedit

You can use the following APIs to add, update, retrieve, and remove application privileges:

Role mappingsedit

You can use the following APIs to add, remove, update, and retrieve role mappings:

Rolesedit

You can use the following APIs to add, remove, update, and retrieve roles in the native realm:

Tokensedit

You can use the following APIs to create and invalidate bearer tokens for access without requiring basic authentication:

API Keysedit

You can use the following APIs to create, retrieve and invalidate API keys for access without requiring basic authentication:

Usersedit

You can use the following APIs to add, remove, update, or retrieve users in the native realm:

Service Accountsedit

You can use the following APIs to list service accounts and manage the service tokens:

OpenID Connectedit

You can use the following APIs to authenticate users against an OpenID Connect authentication realm when using a custom web application other than Kibana

SAMLedit

You can use the following APIs to authenticate users against a SAML authentication realm when using a custom web application other than Kibana