Documentation tweaks

elastic · Mar 17, 2021 · 5941367 · 5941367
1 parent 8f1caae
commit 5941367
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 11 deletions.
diff --git a/docs/api/session-management.asciidoc b/docs/api/session-management.asciidoc
@@ -1,11 +1,11 @@
 [role="xpack"]
 [[session-management-api]]
-== {kib} session management APIs
+== {kib} user session management APIs
 
 Allows managing {kib} <<xpack-security-session-management, user sessions>>.
 
-The following {kib} session management APIs are available:
+The following {kib} user session management APIs are available:
 
-* <<session-management-api-invalidate, Invalidate sessions API>> to invalidate {kib} user sessions
+* <<session-management-api-invalidate, Invalidate user sessions API>> to invalidate {kib} user sessions
 
 include::session-management/invalidate.asciidoc[]
diff --git a/docs/api/session-management/invalidate.asciidoc b/docs/api/session-management/invalidate.asciidoc
@@ -1,7 +1,7 @@
 [[session-management-api-invalidate]]
-=== Invalidate sessions API
+=== Invalidate user sessions API
 ++++
-<titleabbrev>Invalidate sessions</titleabbrev>
+<titleabbrev>Invalidate user sessions</titleabbrev>
 ++++
 
 experimental[] Invalidates {kib} user sessions that match provided query.
@@ -30,10 +30,16 @@ To use the invalidate sessions API, you must be a `superuser`.
 [%collapsible%open]
 =====
 `provider` :::
-(Required, object) Contains required `type` and optional `name` string properties to match sessions that were created by the specific <<authentication-security-settings, authentication provider>>.
+(Required, object) Describes the <<authentication-security-settings, authentication provider(s)>> for which to invalidate sessions.
+
+`type` ::::
+(Required, string) The authentication provider `type`.
+
+`name` ::::
+(Optional, string) The authentication provider `name`.
 
 `username` :::
-(Optional, string) If specified, {kib} will only invalidate sessions that belong to a specific user.
+(Optional, string) The username for which to invalidate sessions.
 =====
 
 [[session-management-api-invalidate-response-body]]
@@ -64,7 +70,7 @@ $ curl -X POST api/security/session/_invalidate
 --------------------------------------------------
 // KIBANA
 
-Invalidate sessions that were created by any <<saml, SAML authentication providers>> only:
+Invalidate sessions that were created by any <<saml, SAML authentication provider>>:
 
 [source,sh]
 --------------------------------------------------
@@ -78,7 +84,7 @@ $ curl -X POST api/security/session/_invalidate
 --------------------------------------------------
 // KIBANA
 
-Invalidate sessions that were created by the <<saml, SAML authentication provider>> with the name `saml1` only:
+Invalidate sessions that were created by the <<saml, SAML authentication provider>> with the name `saml1`:
 
 [source,sh]
 --------------------------------------------------
@@ -92,7 +98,7 @@ $ curl -X POST api/security/session/_invalidate
 --------------------------------------------------
 // KIBANA
 
-Invalidate sessions that were created by any <<oidc, OpenID Connect authentication providers>> for the user with the name `[email protected]` only:
+Invalidate sessions that were created by any <<oidc, OpenID Connect authentication provider>> for the user with the username `[email protected]`:
 
 [source,sh]
 --------------------------------------------------

diff --git a/docs/user/security/authentication/index.asciidoc b/docs/user/security/authentication/index.asciidoc
@@ -401,7 +401,7 @@ For more information, refer to <<embedding, Embed {kib} content in a web page>>.
 [[anonymous-access-session]]
 ===== Anonymous access session
 
-{kib} maintains a separate <<xpack-security-session-management, session>> for every anonymous user, as it does for any other authentication mechanism. This way {kib} can maintain a personalized experience even for the users who didn't provide any personal credentials. 
+{kib} maintains a separate <<xpack-security-session-management, session>> for every anonymous user, as it does for all other authentication mechanisms.
 
 You can configure both <<session-idle-timeout, session idle timeout>> and <<session-lifespan, session lifespan>> for the anonymous sessions as you'd do for any other session with the only exception that idle timeout is explicitly disabled for the anonymous sessions by default. That means that the global <<security-session-and-cookie-settings, `xpack.security.session.idleTimeout`>> setting won't affect anonymous sessions. If you want to change the idle timeout for the anonymous sessions, you must configure the provider-level <<anonymous-authentication-provider-settings, `xpack.security.authc.providers.anonymous.<provider-name>.session.idleTimeout`>> setting instead.