Skip to content

Commit

Permalink
[Docs] Update feature privilege docs to reflect new route authorizati…
Browse files Browse the repository at this point in the history
…on (elastic#201017)

## Summary

Updates developer documentation on Feature privileges to reflect changes
to Route Authorization.


### Screenshots
Before
<img width="400" alt="Screenshot 2024-11-20 at 18 52 02"
src="https://github.com/user-attachments/assets/0bb01bd0-e41a-48ee-bcaf-bd4119037f1b">

After
<img width="400" alt="Screenshot 2024-11-20 at 18 49 26"
src="https://github.com/user-attachments/assets/2d5712ce-c277-4ecd-831e-750df8309933">


### Checklist

Check the PR satisfies following conditions. 

Reviewers should verify this PR satisfies this list as well.

- [x]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
  • Loading branch information
SiddharthMantri authored Nov 20, 2024
1 parent 83b282a commit 4ffdb35
Showing 1 changed file with 8 additions and 4 deletions.
12 changes: 8 additions & 4 deletions dev_docs/key_concepts/feature_privileges.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -179,8 +179,10 @@ public setup(core: CoreSetup, deps: FeatureControlExampleDeps) {
{
path: '/internal/my_plugin/sensitive_action',
validate: false,
options: {
tags: ['access:my_closed_example_api'],
security: {
authz: {
requiredPrivileges: ['my_closed_example_api']
}
},
},
async (context, request, response) => {
Expand All @@ -193,8 +195,11 @@ public setup(core: CoreSetup, deps: FeatureControlExampleDeps) {
);
}
```
<DocCallOut>
For more information on the `security.authz` object and API authorization, please refer to our guide on <DocLink id="kibDevDocsSecurityAPIAuthorization" text="Configuring authorization on routes"/>
</DocCallOut>

Notice, we've added an `options.tags` property for the API route that returns sensitive information. This tag is then used in the privileges object as follow
Notice, we've added a `security.authz.requiredPrivileges` property for the API route that returns sensitive information. This added configuration is then used in the privileges object as follow

```ts
{
Expand Down Expand Up @@ -347,7 +352,6 @@ A deep dive into every option for the Kibana Feature configuration and what they
}
```


### FeatureKibanaPrivileges Interface

#### excludeFromBasePrivileges (optional)
Expand Down

0 comments on commit 4ffdb35

Please sign in to comment.