Delete service account tokens API
editDelete service account tokens API
editThis functionality is in beta and is subject to change. The design and code is less mature than official GA features and is being provided as-is with no warranties. Beta features are not subject to the support SLA of official GA features.
Deletes service account tokens for a service in a
specified namespace.
Request
editDELETE /_security/service/<namespace>/<service>/credential/token/<token_name>
Prerequisites
edit-
To use this API, you must have at least the
manage_service_accountcluster privilege.
Description
editIn production mode, service accounts require TLS on the HTTP interface. A runtime check prevents you from invoking any related APIs or authenticating with a service account token unless TLS is enabled on the HTTP interface. See encrypt HTTP client communications for Elasticsearch.
The API response indicates whether the specified service account token is found and deleted or it is not found.
Path parameters
edit-
namespace - (Required, string) Name of the namespace.
-
service - (Required, string) Name of the service name.
-
token_name - (Required, string) Name of the service account token.
Examples
editThe following request deletes the token1 service account token from the
elastic/fleet-server service account:
DELETE /_security/service/elastic/fleet-server/credential/token/token42
If the service account token is successfully deleted, the request returns
{"found": true}. Otherwise, the response will have status code 404 and
found` will be set to false.
{
"found" : true
}