IMPORTANT: No additional bug fixes or documentation updates will be released for this version. For the latest information, see the current release documentation.

› › › ›

Create agent key

edit

Create agent key

edit

Create an APM agent API key. Specify API key privileges in the request body at creation time.

Privileges

edit

The user creating an APM agent API key must have at least the manage_own_api_key cluster privilege and the APM application-level privileges that it wishes to grant.

Example roleedit

The example below uses the Kibana role management API to create a role named apm_agent_key_user. Create and assign this role to a user that wishes to create APM agent API keys.

POST /_security/role/apm_agent_key_user
{
  "cluster": ["manage_own_api_key"],
  "applications": [
    {
      "application": "kibana-.kibana",
      "privileges": ["feature_apm.all"],
      "resources": ["*"]
    },
    {
      "application": "apm",
      "privileges": ["event:write", "config_agent:read"],
      "resources": ["*"]
    }
  ]
}

Request

edit

POST /api/apm/agent_keys

Request body

edit

name

(required, string) Name of the APM agent key.

privileges

(required, array) APM agent key privileges. It can take one or more of the following values:

event:write. Required for ingesting APM agent events.
config_agent:read. Required for APM agents to read agent configuration remotely.

Example

edit

POST /api/apm/agent_keys
{
    "name": "apm-key",
    "privileges": ["event:write", "config_agent:read"]
}

Response body

edit

{
  "agentKey": {
    "id": "3DCLmn0B3ZMhLUa7WBG9",
    "name": "apm-key",
    "api_key": "PjGloCGOTzaZr8ilUPvkjA",
    "encoded": "M0RDTG1uMEIzWk1oTFVhN1dCRzk6UGpHbG9DR09UemFacjhpbFVQdmtqQQ=="
  }
}

Once created, you can copy the API key (Base64 encoded) and use it to to authorize requests from APM agents to the APM Server.

« APM agent Key API Troubleshoot »