NOTE: You are looking at documentation for an older release. For the latest information, see the current release documentation.
Invalidate API key API
editInvalidate API key API
editInvalidates one or more API keys.
Request
editDELETE /_security/api_key
Description
editThe API keys created by create API Key can be invalidated using this API.
Request Body
editThe following parameters can be specified in the body of a DELETE request and pertain to invalidating api keys:
-
id
(optional) -
(string) An API key id. This parameter cannot be used with any of
name
,realm_name
orusername
are used. -
name
(optional) -
(string) An API key name. This parameter cannot be used with any of
id
,realm_name
orusername
are used. -
realm_name
(optional) -
(string) The name of an authentication realm. This parameter cannot be used with
either
id
orname
. -
username
(optional) -
(string) The username of a user. This parameter cannot be used with either
id
orname
.
While all parameters are optional, at least one of them is required.
Examples
editIf you create an API key as follows:
POST /_security/api_key { "name": "my-api-key" }
A successful call returns a JSON structure that provides API key information. For example:
{ "id":"VuaCfGcBCdbkQm-e5aOx", "name":"my-api-key", "api_key":"ui2lp2axTNmsyakw9tvNnw" }
The following example invalidates the API key identified by specified id
immediately:
DELETE /_security/api_key { "id" : "VuaCfGcBCdbkQm-e5aOx" }
The following example invalidates the API key identified by specified name
immediately:
DELETE /_security/api_key { "name" : "my-api-key" }
The following example invalidates all API keys for the native1
realm
immediately:
DELETE /_security/api_key { "realm_name" : "native1" }
The following example invalidates all API keys for the user myuser
in all
realms immediately:
DELETE /_security/api_key { "username" : "myuser" }
Finally, the following example invalidates all API keys for the user myuser
in
the native1
realm immediately:
DELETE /_security/api_key { "username" : "myuser", "realm_name" : "native1" }
A successful call returns a JSON structure that contains the ids of the API keys that were invalidated, the ids of the API keys that had already been invalidated, and potentially a list of errors encountered while invalidating specific api keys.
{ "invalidated_api_keys": [ "api-key-id-1" ], "previously_invalidated_api_keys": [ "api-key-id-2", "api-key-id-3" ], "error_count": 2, "error_details": [ { "type": "exception", "reason": "error occurred while invalidating api keys", "caused_by": { "type": "illegal_argument_exception", "reason": "invalid api key id" } }, { "type": "exception", "reason": "error occurred while invalidating api keys", "caused_by": { "type": "illegal_argument_exception", "reason": "invalid api key id" } } ] }