|
| 1 | +-- |
| 2 | +:api: grant-api-key |
| 3 | +:request: GrantApiKeyRequest |
| 4 | +:response: CreateApiKeyResponse |
| 5 | +-- |
| 6 | +[role="xpack"] |
| 7 | +[id="{upid}-{api}"] |
| 8 | +=== Grant API key API |
| 9 | + |
| 10 | +Creates an API key on behalf of another user. |
| 11 | + |
| 12 | +[id="{upid}-{api}-request"] |
| 13 | +==== Grant API key request |
| 14 | + |
| 15 | +This API is similar to <<java-rest-high-security-create-api-key>>, however it |
| 16 | +creates the API key for a user that is different than the user that runs the API. |
| 17 | + |
| 18 | +A +{request}+ contains authentication credentials for the user on whose behalf |
| 19 | +the API key will be created, a grant type (which indicates whether the |
| 20 | +credentials are an access token or a user ID and password), and API key details. |
| 21 | +The API key details include a name for the API key, an optional list of role |
| 22 | +descriptors to define permissions, and an optional expiration for the |
| 23 | +generated API key. If expiration is not provided, by default the API keys do not |
| 24 | +expire. |
| 25 | + |
| 26 | +["source","java",subs="attributes,callouts,macros"] |
| 27 | +-------------------------------------------------- |
| 28 | +include-tagged::{doc-tests-file}[{api}-request] |
| 29 | +-------------------------------------------------- |
| 30 | + |
| 31 | +include::../execution.asciidoc[] |
| 32 | + |
| 33 | +[id="{upid}-{api}-response"] |
| 34 | +==== Grant API key response |
| 35 | + |
| 36 | +The returned +{response}+ contains an ID, API key, name for the API key, and |
| 37 | +optional expiration. |
| 38 | + |
| 39 | +["source","java",subs="attributes,callouts,macros"] |
| 40 | +-------------------------------------------------- |
| 41 | +include-tagged::{doc-tests-file}[{api}-response] |
| 42 | +-------------------------------------------------- |
| 43 | +<1> The API key that can be used to authenticate to Elasticsearch. |
| 44 | +<2> Expiration details, if the API keys expire. |
0 commit comments