Accueil Explorer Aide
Connexion
lqb
/
elasticsearch
miroir de https://gitee.com/mirrors/elasticsearch.git
1
0
Fork 0
Fichiers Tickets 0 Wiki
Aborescence: 576fe750de
Branches Tags
elasticsearch
/
x-pack
/
docs
/
en
/
rest-api
/
security
/
get-service-credentials.asciidoc

get-service-credentials.asciidoc 2.4 KB
Historique Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485 
  1. [role="xpack"]
    2. 

  2. [[security-api-get-service-credentials]]
    3. 

  3. === Get service account credentials API
    4. 

  4. 

  5. beta::[]
    6. 

  6. 

  7. ++++
    8. 

  8. <titleabbrev>Get service account credentials</titleabbrev>
    9. 

  9. ++++
    10. 

  10. 

  11. Retrieves all service credentials for a  <<service-accounts,service account>>.
    12. 

  12. 

  13. [[security-api-get-service-credentials-request]]
    14. 

  14. ==== {api-request-title}
    15. 

  15. 

  16. `GET /_security/service/<namespace>/<service>/credential`
    17. 

  17. 

  18. [[security-api-get-service-credentials-prereqs]]
    19. 

  19. ==== {api-prereq-title}
    20. 

  20. 

  21. * To use this API, you must have at least the `manage_service_account`
    22. 

  22. <<privileges-list-cluster,cluster privilege>>.
    23. 

  23. 

  24. [[security-api-get-service-credentials-desc]]
    25. 

  25. ==== {api-description-title}
    26. 

  26. include::../../security/authentication/service-accounts.asciidoc[tag=service-accounts-tls]
    27. 

  27. 

  28. Use this API to retrieve a list of credentials for a service account. 
    29. 

  29. The response includes service account tokens that were created with the
    30. 

  30. << create service account API >> as well as file-backed tokens that
    31. 

  31. are local to the node.
    32. 

  32. 

  33. NOTE: For tokens backed by the `service_tokens` file, the API only returns
    34. 

  34. tokens defined in the file local to the node against which the request was issued.
    35. 

  35. 

  36. [[security-api-get-service-credentials-path-params]]
    37. 

  37. ==== {api-path-parms-title}
    38. 

  38. 

  39. `namespace`::
    40. 

  40. (Required, string) Name of the namespace.
    41. 

  41. 

  42. `service`::
    43. 

  43. (Required, string) Name of the service name.
    44. 

  44. 

  45. [[security-api-get-service-credentials-example]]
    46. 

  46. ==== {api-examples-title}
    47. 

  47. The following request uses the <<security-api-create-service-token,create service account token API>> to create a service account token named `token1`
    48. 

  48. in the `elastic/fleet-server` service account:
    49. 

  49. 

  50. [source,console]
    51. 

  51. ----
    52. 

  52. POST /_security/service/elastic/fleet-server/credential/token/token1
    53. 

  53. ----
    54. 

  54. 

  55. The following request returns all credentials for the `elastic/fleet-server`
    56. 

  56. service account:
    57. 

  57. 

  58. [source,console]
    59. 

  59. ----
    60. 

  60. GET /_security/service/elastic/fleet-server/credential
    61. 

  61. ----
    62. 

  62. // TEST[continued]
    63. 

  63. 

  64. The response includes all credentials related to the specified service account:
    65. 

  65. 

  66. [source,js]
    67. 

  67. ----
    68. 

  68. {
    69. 

  69.   "service_account": "elastic/fleet-server",
    70. 

  70.   "node_name": "node0", <1>
    71. 

  71.   "count": 3,
    72. 

  72.   "tokens": {
    73. 

  73.     "token1": {},       <2>
    74. 

  74.     "token42": {}       <3>
    75. 

  75.   },
    76. 

  76.   "file_tokens": {
    77. 

  77.     "my-token": {}      <4>
    78. 

  78.   }
    79. 

  79. }
    80. 

  80. ----
    81. 

  81. // NOTCONSOLE
    82. 

  82. <1> The local node name
    83. 

  83. <2> A new service account token backed by the `.security` index
    84. 

  84. <3> An existing service account token backed by the `.security` index
    85. 

  85. <4> A file-backed token local to the `node0` node
    86.