-
Notifications
You must be signed in to change notification settings - Fork 24.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Provide introductory docs for API Keys #70702
Comments
Pinging @elastic/es-docs (Team:Docs) |
Pinging @elastic/es-security (Team:Security) |
@tvernum, this sounds like a worthy cause, especially because I hear folks from other teams internally indicate that API keys are the "preferred" method of authenticating with Elasticsearch. If there are internal resources that provide some of this background information and problem resolution, please let me know. |
With the sort of changes we're working through at the moment, it probably makes sense to plan for this to eventually form part of a "Understanding authentication & authorization models in Elasticsearch" section. That would want to cover:
And then for each part think about options such as:
But if we try to write all of that now, it will be a huge task and spend a lot of time in reviews. I think it makes sense to approach it in pieces, but with an idea of how it might come together at the end. |
In terms of content for the short term: Password-based UsersStrengths / Features
Limitations
API KeysStrengths / Features
Limitations
Non-differences
|
It is common for people to stumble across the API key documentation and assume that API Keys is the preferred/recommended way to authenticate to Elasticsearch
I often come across comments on discuss or community-slack where a conversation starts with "I'm trying to use API Keys and ..." and after digging it turns out that API keys aren't a good fit for their needs, but they assumed API Keys are how they're supposed to interact with ES.
It would be helpful to have an introductory guide to API Keys that explain the problems that they're intended to solve, how they work (and why) and potential traps.
The text was updated successfully, but these errors were encountered: