Create a cross-cluster API key
Create an API key of the cross_cluster
type for the API key based remote cluster access.
A cross_cluster
API key cannot be used to authenticate through the REST interface.
IMPORTANT: To authenticate this request you must use a credential that is not an API key. Even if you use an API key that has the required privilege, the API returns an error.
Cross-cluster API keys are created by the Elasticsearch API key service, which is automatically enabled.
NOTE: Unlike REST API keys, a cross-cluster API key does not capture permissions of the authenticated user. The API key’s effective permission is exactly as specified with the access
property.
A successful request returns a JSON structure that contains the API key, its unique ID, and its name. If applicable, it also returns expiration information for the API key in milliseconds.
By default, API keys never expire. You can specify expiration information when you create the API keys.
Cross-cluster API keys can only be updated with the update cross-cluster API key API. Attempting to update them with the update REST API key API or the bulk update REST API keys API will result in an error.
Body Required
-
Additional properties are allowed.
-
expiration string
A duration. Units can be
nanos
,micros
,ms
(milliseconds),s
(seconds),m
(minutes),h
(hours) andd
(days). Also accepts "0" without a unit and "-1" to indicate an unspecified value. -
metadata object
curl \
-X POST http://api.example.com/_security/cross_cluster/api_key \
-H "Content-Type: application/json" \
-d '{"access":{"replication":[{"names":["string"]}],"search":[{"field_security":{"except":"string","grant":"string"},"names":["string"],"":"string","allow_restricted_indices":true}]},"expiration":"string","metadata":{"additionalProperty1":{},"additionalProperty2":{}},"name":"string"}'
{
"access": {
"replication": [
{
"names": [
"string"
]
}
],
"search": [
{
"field_security": {
"except": "string",
"grant": "string"
},
"names": [
"string"
],
"": "string",
"allow_restricted_indices": true
}
]
},
"expiration": "string",
"metadata": {
"additionalProperty1": {},
"additionalProperty2": {}
},
"name": "string"
}
{
"api_key": "string",
"": 42.0,
"id": "string",
"name": "string",
"encoded": "string"
}