It is time to say goodbye: This version of Elastic Cloud Enterprise has reached end-of-life (EOL) and is no longer supported.
The documentation for this version is no longer being maintained. If you are running this version, we strongly advise you to upgrade. For the latest information, see the current release documentation.
Authentication
editAuthentication
editThe Elastic Cloud Enterprise RESTful APIs support both key-based and token-based authentication. Key-based is generally the preferred method.
Authenticate using an API key
editFor key-based API authentication, you can create an API key through the Elastic Cloud Enterprise UI. Once created, you can specify the key in the header of your API calls to authenticate.
API keys are not available for the built-in users (admin
and readonly
). Therefore, the API Keys settings page on the UI does not appear for these users.
To create an API key:
- Sign in to the Cloud UI.
- Go to Profile, Settings, and then API Keys.
- Click Generate API key.
- Provide your account password.
- Specify a name for the API key.
- Copy the generated API key and store it in a safe place. You can also download the key as a CSV file.
The API key has no expiration, so it may be used indefinitely. The API key has the same permissions as the API key owner. You may have multiple API keys for different purposes and you can revoke them when you no longer need them.
To revoke an API key:
- Sign in to the Cloud UI.
- Go to Profile, Settings, and then API Keys.
- Click the trash icon under the Revoke column for any keys that you want to delete.
Authenticate using a bearer token
editFor token-based API authentication, you can use the same username and password that you use to log into the Cloud UI. If you want to use the credentials that were provided when you installed Elastic Cloud Enterprise on your first host, for example admin
, you can retrieve them separately.
For operations that only read information, but don’t create, update or delete, you can authenticate with a user that has restricted permissions, such as the readonly
user.