Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add API key settings documentation #38164

Closed
wants to merge 3 commits into from
Closed

Add API key settings documentation #38164

wants to merge 3 commits into from

Conversation

bizybot
Copy link
Contributor

@bizybot bizybot commented Feb 1, 2019
edited
Loading

This commit adds missing
API key service settings documentation.

Limit token expiry to 1 hour and add API key documentation
cd9f261 
We have documented in our get token API that the configured
maximumvalue for token expiry is 1 hour but that was not
enforced. This commit fixes the setting and adds some missing
API key service settings documentation.
@bizybot bizybot added >non-issue :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) labels Feb 1, 2019
@bizybot bizybot requested review from jaymode and jkakavas February 1, 2019 09:18
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-security

@bizybot bizybot changed the title Limit token expiry to 1 hour and add API key documentation Limit token expiry to 1 hour maximum and add API key documentation Feb 1, 2019
@bizybot
Copy link
Contributor Author

bizybot commented Feb 1, 2019

@elasticmachine run elasticsearch-ci/default-distro

jaymode
jaymode requested changes Feb 1, 2019
View reviewed changes
Copy link
Member

@jaymode jaymode left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We need to separate the token expiry change since it should probably be backported and is unrelated to API keys

x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/TokenService.java Outdated Show resolved Hide resolved
Remove unrelated change for the API key docs
06321d4 
- Created another PR for settings change in token service
@bizybot bizybot changed the title Limit token expiry to 1 hour maximum and add API key documentation Add API key settings documentation Feb 2, 2019
jkakavas
jkakavas approved these changes Feb 4, 2019
View reviewed changes
Copy link
Member

@jkakavas jkakavas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM Yogesh

@bizybot bizybot changed the base branch from security_api_keys to master February 6, 2019 05:48
@bizybot bizybot changed the base branch from master to security_api_keys February 6, 2019 05:48
@bizybot
Copy link
Contributor Author

bizybot commented Feb 6, 2019

Closing this in favor of #38490 to be merged to master. Thank you.

@bizybot bizybot closed this Feb 6, 2019
@bizybot bizybot mentioned this pull request Feb 6, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jaymode jaymode jaymode requested changes

@jkakavas jkakavas jkakavas approved these changes

Assignees
No one assigned
Labels
>non-issue :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@bizybot @elasticmachine @jaymode @jkakavas