This documentation contains work-in-progress information for future Elastic Stack and Cloud releases. Use the version selector to view supported release docs. It also contains some Elastic Cloud serverless information. Check out our serverless docs for more details.
Get application privileges API
editGet application privileges API
editRetrieves application privileges.
Request
editGET /_security/privilege
GET /_security/privilege/<application>
GET /_security/privilege/<application>/<privilege>
Prerequisites
editTo use this API, you must have either:
-
the
read_security
cluster privilege (or a greater privilege such asmanage_security
orall
); or - the "Manage Application Privileges" global privilege for the application being referenced in the request
Description
editTo check a user’s application privileges, use the has privileges API.
Path parameters
edit-
application
- (Optional, string) The name of the application. Application privileges are always associated with exactly one application. If you do not specify this parameter, the API returns information about all privileges for all applications.
-
privilege
- (Optional, string) The name of the privilege. If you do not specify this parameter, the API returns information about all privileges for the requested application.
Examples
editThe following example retrieves information about the read
privilege for the
app01
application:
resp = client.security.get_privileges( application="myapp", name="read", ) print(resp)
const response = await client.security.getPrivileges({ application: "myapp", name: "read", }); console.log(response);
GET /_security/privilege/myapp/read
A successful call returns an object keyed by application name and privilege name. If the privilege is not defined, the request responds with a 404 status.
{ "myapp": { "read": { "application": "myapp", "name": "read", "actions": [ "data:read/*", "action:login" ], "metadata": { "description": "Read access to myapp" } } } }
To retrieve all privileges for an application, omit the privilege name:
resp = client.security.get_privileges( application="myapp", ) print(resp)
const response = await client.security.getPrivileges({ application: "myapp", }); console.log(response);
GET /_security/privilege/myapp/
To retrieve every privilege, omit both the application and privilege names:
resp = client.security.get_privileges() print(resp)
const response = await client.security.getPrivileges(); console.log(response);
GET /_security/privilege/