- Kibana Guide: other versions:
- What is Kibana?
- What’s new in 8.17
- Kibana concepts
- Quick start
- Set up
- Install Kibana
- Configure Kibana
- AI Assistant settings
- Alerting and action settings
- APM settings
- Banners settings
- Cases settings
- Enterprise Search settings
- Fleet settings
- i18n settings
- Logging settings
- Logs settings
- Metrics settings
- Monitoring settings
- Reporting settings
- Search sessions settings
- Secure settings
- Security settings
- Spaces settings
- Task Manager settings
- Telemetry settings
- URL drilldown settings
- Start and stop Kibana
- Access Kibana
- Securing access to Kibana
- Add data
- Upgrade Kibana
- Configure security
- Configure reporting
- Configure logging
- Configure monitoring
- Command line tools
- Production considerations
- Discover
- Dashboards
- Canvas
- Maps
- Build a map to compare metrics by country or region
- Track, visualize, and alert on assets in real time
- Map custom regions with reverse geocoding
- Heat map layer
- Tile layer
- Vector layer
- Plot big data
- Search geographic data
- Configure map settings
- Connect to Elastic Maps Service
- Import geospatial data
- Troubleshoot
- Reporting and sharing
- Machine learning
- Graph
- Alerting
- Observability
- Search
- Security
- Dev Tools
- Fleet
- Osquery
- Stack Monitoring
- Stack Management
- Cases
- Connectors
- Amazon Bedrock
- Cases
- CrowdStrike
- D3 Security
- Google Gemini
- IBM Resilient
- Index
- Jira
- Microsoft Teams
- Observability AI Assistant
- OpenAI
- Opsgenie
- PagerDuty
- SentinelOne
- Server log
- ServiceNow ITSM
- ServiceNow SecOps
- ServiceNow ITOM
- Swimlane
- Slack
- TheHive
- Tines
- Torq
- Webhook
- Webhook - Case Management
- xMatters
- Preconfigured connectors
- License Management
- Maintenance windows
- Manage data views
- Numeral Formatting
- Rollup Jobs
- Manage saved objects
- Security
- Spaces
- Advanced Settings
- Tags
- Upgrade Assistant
- Watcher
- REST API
- Get features API
- Kibana spaces APIs
- Kibana role management APIs
- User session management APIs
- Saved objects APIs
- Data views API
- Index patterns APIs
- Alerting APIs
- Action and connector APIs
- Cases APIs
- Import and export dashboard APIs
- Logstash configuration management APIs
- Machine learning APIs
- Osquery manager API
- Short URLs APIs
- Get Task Manager health
- Upgrade assistant APIs
- Synthetics APIs
- Uptime APIs
- Kibana plugins
- Troubleshooting
- Accessibility
- Release notes
- Upgrade notes
- Kibana 8.17.4
- Kibana 8.17.3
- Kibana 8.17.2
- Kibana 8.17.1
- Kibana 8.17.0
- Kibana 8.16.6
- Kibana 8.16.5
- Kibana 8.16.4
- Kibana 8.16.3
- Kibana 8.16.2
- Kibana 8.16.1
- Kibana 8.16.0
- Kibana 8.15.5
- Kibana 8.15.4
- Kibana 8.15.3
- Kibana 8.15.2
- Kibana 8.15.1
- Kibana 8.15.0
- Kibana 8.14.3
- Kibana 8.14.2
- Kibana 8.14.1
- Kibana 8.14.0
- Kibana 8.13.4
- Kibana 8.13.3
- Kibana 8.13.2
- Kibana 8.13.1
- Kibana 8.13.0
- Kibana 8.12.2
- Kibana 8.12.1
- Kibana 8.12.0
- Kibana 8.11.4
- Kibana 8.11.3
- Kibana 8.11.2
- Kibana 8.11.1
- Kibana 8.11.0
- Kibana 8.10.4
- Kibana 8.10.3
- Kibana 8.10.2
- Kibana 8.10.1
- Kibana 8.10.0
- Kibana 8.9.2
- Kibana 8.9.1
- Kibana 8.9.0
- Kibana 8.8.2
- Kibana 8.8.1
- Kibana 8.8.0
- Kibana 8.7.1
- Kibana 8.7.0
- Kibana 8.6.1
- Kibana 8.6.0
- Kibana 8.5.2
- Kibana 8.5.1
- Kibana 8.5.0
- Kibana 8.4.3
- Kibana 8.4.2
- Kibana 8.4.1
- Kibana 8.4.0
- Kibana 8.3.3
- Kibana 8.3.2
- Kibana 8.3.1
- Kibana 8.3.0
- Kibana 8.2.3
- Kibana 8.2.2
- Kibana 8.2.1
- Kibana 8.2.0
- Kibana 8.1.3
- Kibana 8.1.2
- Kibana 8.1.1
- Kibana 8.1.0
- Kibana 8.0.0
- Kibana 8.0.0-rc2
- Kibana 8.0.0-rc1
- Kibana 8.0.0-beta1
- Kibana 8.0.0-alpha2
- Kibana 8.0.0-alpha1
- Developer guide
API Keys
editAPI Keys
editAPI keys are security mechanisms used to authenticate and authorize access to Elasticsearch resources. They ensure that only authorized users or applications interact with Elasticsearch.
For example, if you extract data from an Elasticsearch cluster on a daily basis, you might create an API key tied to your credentials, configure it with minimum access, and then put the API credentials into a cron job. Or you might create API keys to automate ingestion of new data from remote sources, without a live user interaction.
You can use Kibana to manage your different API keys:
- User API key: allows external services to access the Elastic Stack on behalf of a user.
- Cross-cluster API key: allows other clusters to connect to this cluster.
- Managed API key: created and managed by Kibana to run background tasks.
To manage API keys, go to the API Keys management page using the navigation menu or the global search field.
Security privileges
edit-
To use API keys in Kibana, you must have the
manage_security,manage_api_key, or themanage_own_api_keycluster privileges. -
To delete API keys, you must have the
manage_api_keyormanage_own_api_keyprivileges. -
To create or update a user API key, you must have the
manage_api_keyor themanage_own_api_keyprivilege. -
To create or update a cross-cluster API key, you must have the
manage_securityprivilege and an Enterprise license. -
To have a read-only view on the API keys, you must have access to the page and the
read_securitycluster privilege.
To manage roles, go to the Roles management page using the navigation menu or the global search field, or use the role APIs.
Create an API key
editTo create an API key, go to the API Keys management page using the navigation menu or the global search field, and select Create API key.
Refer to the create API key documentation to learn more about creating user API keys.
Refer to the create cross-cluster API key documentation to learn more about creating cross-cluster API keys.
Update an API key
editTo update an API key, go to the API Keys management page using the navigation menu or the global search field, and then click on the name of the key. You cannot update the name or the type of API key.
Refer to the update API key documentation to learn more about updating user API keys.
Refer to the update cross-cluster API key documentation to learn more about updating cross-cluster API keys.
View and delete API keys
editThe API Keys feature in Kibana lists your API keys, including the name, date created, and status. If an API key expires, its status changes from Active to Expired.
If you have manage_security or manage_api_key permissions, you can view the API keys of all users, and see which API key was created by which user in which realm.
If you have only the manage_own_api_key permission, you see only a list of your own keys.
You can delete API keys individually or in bulk, but you need the manage_api_keys or manage_own_api_key privileges.