Generate Api Key For Api Management
Mar 03, 2019 This template demonstrates how to Create a instance of Azure API Management having an MSI and then setting up custom hostname for proxy with ssl certificate from keyvault. This Azure Resource Manager template was created by a member of the community and not by Microsoft. All requests to a search service need a read-only api-key that was generated specifically for your service. The api-key is the sole mechanism for authenticating access to your search service endpoint and must be included on every request. In REST solutions, the api-key is typically specified in a request header.
Creates an API key for access without requiring basic authentication.
POST /_security/api_keyPUT /_security/api_key
- To use this API, you must have at least the
manage_api_keycluster privilege.
The API keys are created by the Elasticsearch API key service, which is automatically enabledwhen you configure TLS on the HTTP interface. See Encrypting HTTP client communications. Alternatively,you can explicitly enable the xpack.security.authc.api_key.enabled setting. Whenyou are running in production mode, a bootstrap check prevents you from enablingthe API key service unless you also enable TLS on the HTTP interface.
A successful create API key API call returns a JSON structure that contains theAPI key, its unique id, and its name. If applicable, it also returns expirationinformation for the API key in milliseconds.
By default, API keys never expire. You can specify expiration informationwhen you create the API keys.
See API key service settings for configuration settings related to API keyservice.
The following parameters can be specified in the body of a POST or PUT request:
name- (Optional, string) Specifies the name for this API key.
role_descriptors- (Optional, array-of-role-descriptor) An array of role descriptors for this APIkey. This parameter is optional. When it is not specified or is an empty array,then the API key will have a point in time snapshot of permissions of theauthenticated user. If you supply role descriptors then the resultant permissionswould be an intersection of API keys permissions and authenticated user’s permissionsthereby limiting the access scope for API keys.The structure of role descriptor is the same as the request for create role API.For more details, see create or update roles API.
expiration- (Optional, string) Expiration time for the API key. By default, API keys neverexpire.
Generate Api Documentation Online
The following example creates an API key:
optional expiration for the API key being generated. If expiration is notprovided then the API keys do not expire. |
optional role descriptors for this API key, if not provided then permissionsof authenticated user are applied. |
A successful call returns a JSON structure that providesAPI key information.
unique id for this API key |
optional expiration in milliseconds for this API key |
generated API key |
Generate Api Key
The API key returned by this API can then be used by sending a request with aAuthorization header with a value having the prefix ApiKey followedby the credentials, where credentials is the base64 encoding of id and api_key joined by a colon.