Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enhance Get Tokens API docs #45104

Merged
merged 2 commits into from
Aug 7, 2019
Merged

Enhance Get Tokens API docs #45104

merged 2 commits into from
Aug 7, 2019

Conversation

jkakavas
Copy link
Member

@jkakavas jkakavas commented Aug 1, 2019

Add some details to make more obvious that neither password nor
client_credentials grant types are designed to be used for self
service user creation of tokens as this comes up quite often in
forums and users trying to use them for that reason.

Resolves: #36946

@jkakavas
Enhance Get Tokens API docs
bae5987 
Add some details to make more obvious that neither `password` nor
`client_credentials` grant types are designed to be used for self
service user creation of tokens as this comes up quite often in
forums and users trying to use them for that reason.
@jkakavas jkakavas added >docs General docs changes :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) v8.0.0 v7.4.0 labels Aug 1, 2019
@jkakavas jkakavas requested review from tvernum and lcawl August 1, 2019 16:43
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-docs

@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-security

@jkakavas
Copy link
Member Author

jkakavas commented Aug 1, 2019

@elasticmachine update branch

@jkakavas
Copy link
Member Author

jkakavas commented Aug 1, 2019

@elasticmachine run elasticsearch-ci/2

@tvernum
Copy link
Contributor

tvernum commented Aug 2, 2019

Do we want to add a reference for API Keys as an alternative for the use cases that tokens are not intended to support?

@jkakavas
Copy link
Member Author

jkakavas commented Aug 2, 2019

Do we want to add a reference for API Keys as an alternative for the use cases that tokens are not intended to support?

👍

I have a note to do this once #40031 is resolved. I didn't want to suggest API keys now when it still requires at least manage_api_key ( that allows users to delete api keys of others )

tvernum
tvernum approved these changes Aug 6, 2019
View reviewed changes
Copy link
Contributor

@tvernum tvernum left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@jkakavas jkakavas merged commit 3db72ba into elastic:master Aug 7, 2019
@jkakavas
Copy link
Member Author

jkakavas commented Aug 7, 2019

🤦‍♂️ @lcawl apologies, I saw the green tick and failed to see you haven't gone through it yet. I'll wait for your input before backporting this

@lcawl
Copy link
Contributor

lcawl commented Aug 7, 2019

No worries, @jkakavas I've drafted some suggested changes in #45312

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tvernum tvernum tvernum approved these changes

@lcawl lcawl Awaiting requested review from lcawl

Assignees
No one assigned
Labels
>docs General docs changes :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) v7.4.0 v8.0.0-alpha1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Document the supported use cases for the Get Token API
5 participants
@jkakavas @elasticmachine @tvernum @lcawl @jakelandis