Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[DOCS] Splits the token APIs into separate pages #32865

Merged
merged 8 commits into from
Aug 18, 2018

Conversation

lcawl
Copy link
Contributor

@lcawl lcawl commented Aug 15, 2018

The Tokens API documentation (https://www.elastic.co/guide/en/elasticsearch/reference/master/security-api-tokens.html) currently contains information about multiple APIs (get and delete). This PR splits that information across multiple pages, mirroring the layout of the machine learning APIs and OpenAPI output.

This layout change was discussed briefly in #32635 (comment).
Related to #32794, #32825, and #32797

@lcawl lcawl added >docs General docs changes v7.0.0 :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) v6.4.0 v6.3.1 v6.5.0 labels Aug 15, 2018
@lcawl lcawl requested a review from jaymode August 15, 2018 17:01
Copy link
Member

@jaymode jaymode left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I left some minor comments. Otherwise LGTM

`xpack.security.authc.token.timeout` setting. For more information, see
<<token-service-settings>>.

If you want to invalidate a token immediately, use this delete tokens API.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

s/tokens/token

you are running in production mode, a bootstrap check prevents you from enabling
the token service unless you also enable TLS on the HTTP interface.

The get tokens API takes the same parameters as a typical OAuth 2.0 token API
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

s/tokens/token

The get tokens API takes the same parameters as a typical OAuth 2.0 token API
except for the use of a JSON request body.

A successful get tokens API call returns a JSON structure that contains the access
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

s/tokens/token

token, the amount of time (seconds) that the token expires in, the type, and the
scope if available.

The tokens returned by the get tokens API have a finite period of time for which
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

s/tokens/token

`grant_type`::
(string) The type of grant. Currently only the `password` grant type is supported.

//TBD: What about the `refresh_token` type in the example below?
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

refresh_token is also valid now

`password` (required)::
(string) The user's password.

//TBD: Add `refresh_token` parameter per example below?
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes we need to add this as well. When grant type is refresh_token then username and password are not required but the refresh_token field is required.

@lcawl
Copy link
Contributor Author

lcawl commented Aug 17, 2018

@jaymode I updated the URL in https://github.com/elastic/x-pack-elasticsearch/blob/master/plugin/src/test/resources/rest-api-spec/api/xpack.security.get_token.json, but couldn't find a xpack.security.delete_token.json. Should I create one?

@lcawl
Copy link
Contributor Author

lcawl commented Aug 17, 2018

@lcawl
Copy link
Contributor Author

lcawl commented Aug 17, 2018

retest this please

@lcawl lcawl force-pushed the lcawley-token-apis branch from c4b9f4f to 2e790b6 Compare August 17, 2018 23:46
@lcawl lcawl force-pushed the lcawley-token-apis branch from 0ea75d7 to af06c3a Compare August 18, 2018 05:21
@lcawl lcawl merged commit fb1c399 into elastic:master Aug 18, 2018
@lcawl lcawl deleted the lcawley-token-apis branch August 18, 2018 05:22
jasontedor added a commit to jasontedor/elasticsearch that referenced this pull request Aug 18, 2018
* master:
  NETWORKING: Make RemoteClusterConn. Lazy Resolve DNS (elastic#32764)
  [DOCS] Splits the users API documentation into multiple pages (elastic#32825)
  [DOCS] Splits the token APIs into separate pages (elastic#32865)
  [DOCS] Creates redirects for role management APIs page
  Bypassing failing test PainlessDomainSplitIT#testHRDSplit (elastic#32966)
  TEST: Mute testRetentionPolicyChangeDuringRecovery
  [DOCS] Fixes more broken links to role management APIs
  [Docs] Tweaks and fixes to rollup docs
  [DOCS] Fixes links to role management APIs
  [ML][TEST] Fix BasicRenormalizationIT after adding multibucket feature
  [DOCS] Splits the roles API documentation into multiple pages (elastic#32794)
  [TEST]  Run pre 6.4 nodes in non-FIPS JVMs (elastic#32901)
  Make Geo Context Mapping Parsing More Strict (elastic#32821)
jasontedor added a commit that referenced this pull request Aug 18, 2018
* elastic/master: (46 commits)
  NETWORKING: Make RemoteClusterConn. Lazy Resolve DNS (#32764)
  [DOCS] Splits the users API documentation into multiple pages (#32825)
  [DOCS] Splits the token APIs into separate pages (#32865)
  [DOCS] Creates redirects for role management APIs page
  Bypassing failing test PainlessDomainSplitIT#testHRDSplit (#32966)
  TEST: Mute testRetentionPolicyChangeDuringRecovery
  [DOCS] Fixes more broken links to role management APIs
  [Docs] Tweaks and fixes to rollup docs
  [DOCS] Fixes links to role management APIs
  [ML][TEST] Fix BasicRenormalizationIT after adding multibucket feature
  [DOCS] Splits the roles API documentation into multiple pages (#32794)
  [TEST]  Run pre 6.4 nodes in non-FIPS JVMs (#32901)
  Make Geo Context Mapping Parsing More Strict (#32821)
  [ML] fix updating opened jobs scheduled events (#31651) (#32881)
  Scripted metric aggregations: add deprecation warning and system property to control legacy params (#31597)
  Tests: Fix timezone conversion in DateTimeUnitTests
  Enable FIPS140LicenseBootstrapCheck (#32903)
  Fix InternalAutoDateHistogram reproducible failure (#32723)
  Remove assertion in testDocStats on deletedDocs counter (#32914)
  HLRC: Move ML request converters into their own class (#32906)
  ...
jasontedor added a commit that referenced this pull request Aug 18, 2018
* 6.x: (42 commits)
  [DOCS] Splits the users API documentation into multiple pages (#32825)
  [DOCS] Splits the token APIs into separate pages (#32865)
  [DOCS] Creates redirects for role management APIs page
  Bypassing failing test PainlessDomainSplitIT#testHRDSplit (#32966)
  TEST: Mute testRetentionPolicyChangeDuringRecovery
  [DOCS] Fixes more broken links to role management APIs
  [Docs] Tweaks and fixes to rollup docs
  [DOCS] Fixes links to role management APIs
  [ML][TEST] Fix BasicRenormalizationIT after adding multibucket feature
  [DOCS] Splits the roles API documentation into multiple pages (#32794)
  [TEST]  Run pre 6.4 nodes in non-FIPS JVMs (#32901)
  Remove assertion in testDocStats on deletedDocs counter (#32914)
  [ML] fix updating opened jobs scheduled events (#31651) (#32881)
  Enable FIPS140LicenseBootstrapCheck (#32903)
  HLRC: Move ML request converters into their own class (#32906)
  [DOCS] Update getting-started.asciidoc (#29518)
  Fix allowed value for HighlighterBuilder encoder in javadocs (#32780)
  [DOCS] Add "remove a tag" script logic as an example (#32556)
  RFC: Test that example plugins build stand-alone (#32235)
  Security: remove put privilege API (#32879)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
>docs General docs changes :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) v6.3.1 v6.4.0 v6.5.0 v7.0.0-beta1
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants