[DOCS] Adds enabled parameter to user management API (elastic/x-pack-elasticsearch#4364)

Original commit: elastic/x-pack-elasticsearch@166bef4702
This commit is contained in:
Lisa Cawley 2018-04-17 16:15:54 -07:00 committed by GitHub
parent 4c00361b01
commit 4c38e610fd
2 changed files with 14 additions and 112 deletions

View File

@ -49,6 +49,9 @@ Leading or trailing whitespace is not allowed.
The following parameters can be specified in the body of a POST or PUT request The following parameters can be specified in the body of a POST or PUT request
and pertain to creating a user: and pertain to creating a user:
`enabled`::
(boolean) Specifies whether the user is enabled. The default value is `true`.
`email`:: `email`::
(string) The email of the user. (string) The email of the user.
@ -59,11 +62,11 @@ and pertain to creating a user:
(object) Arbitrary metadata that you want to associate with the user. (object) Arbitrary metadata that you want to associate with the user.
`password` (required):: `password` (required)::
(string) The user's password. Passwords must be at least 6 characters long. (string) The user's password. Passwords must be at least 6 characters long.
`roles` (required):: `roles` (required)::
(list) A set of roles the user has. The roles determine the user's access (list) A set of roles the user has. The roles determine the user's access
permissions. permissions. To create a user without any roles, specify an empty list: `[]`.
==== Authorization ==== Authorization
@ -106,11 +109,11 @@ created or updated.
<1> When an existing user is updated, `created` is set to false. <1> When an existing user is updated, `created` is set to false.
After you add a user through the Users API, requests from that user can be After you add a user through the Users API, requests from that user can be
authenticated. authenticated. For example:
[source,shell] [source,shell]
-------------------------------------------------- --------------------------------------------------
curl -u eustace:secret-password http://localhost:9200/_cluster/health curl -u jacknich:j@rV1s http://localhost:9200/_cluster/health
-------------------------------------------------- --------------------------------------------------
[[security-api-get-user]] [[security-api-get-user]]
@ -154,7 +157,7 @@ GET /_xpack/security/user/jacknich,rdinero
// CONSOLE // CONSOLE
// TEST[continued] // TEST[continued]
or omit the username all together to retrieve all users: Omit the username to retrieve all users:
[source,js] [source,js]
-------------------------------------------------- --------------------------------------------------

View File

@ -87,113 +87,12 @@ xpack:
[[managing-native-users]] [[managing-native-users]]
==== Managing Native Users ==== Managing Native Users
You manage users in the `native` realm through the {security} enables you to easily manage users in {kib} on the
{ref}/security-api-users.html[user API]. *Management / Security / Users* page.
Alternatively, you can manage users through the `user` API. For more
information and examples, see {ref}/security-api-users.html[User Management APIs].
[[migrating-from-file]] [[migrating-from-file]]
NOTE: To migrate file-based users to the `native` realm, use the NOTE: To migrate file-based users to the `native` realm, use the
{ref}/migrate-tool.html[migrate tool]. {ref}/migrate-tool.html[migrate tool].
[float]
[[native-add]]
===== Adding Users
To add a user, submit a PUT or POST request to the `/_xpack/security/user/<username>`
endpoint.
Usernames must be at least 1 and no more than 1024 characters. They can
contain alphanumeric characters (`a-z`, `A-Z`, `0-9`), spaces, punctuation, and
printable symbols in the https://en.wikipedia.org/wiki/Basic_Latin_(Unicode_block)[Basic Latin (ASCII) block].
Leading or trailing whitespace is not allowed.
[source,js]
--------------------------------------------------
POST /_xpack/security/user/jacknich
{
"password" : "j@rV1s", <1>
"roles" : [ "admin", "other_role1" ], <2>
"full_name" : "Jack Nicholson", <3>
"email" : "jacknich@example.com", <4>
"metadata" : { <5>
"intelligence" : 7
},
"enabled": true <6>
}
--------------------------------------------------
// CONSOLE
<1> You must specify a password when adding a user. Passwords must be at least 6
characters long.
<2> You must assign at least one role to the user. The roles determine the user's
access permissions.
<3> The user's full name. Optional.
<4> The user's email address. Optional.
<5> Arbitrary metadata you want to associate with the user. Optional.
<6> Specifies whether the user should be enabled. Optional with a default of true.
[float]
[[native-list]]
===== Retrieving Users
To retrieve all users, submit a GET request to the `/_xpack/security/user` endpoint:
[source,js]
--------------------------------------------------
GET /_xpack/security/user
--------------------------------------------------
// CONSOLE
// TEST[continued]
To retrieve particular users, specify the users as a comma-separated list:
[source,js]
--------------------------------------------------
GET /_xpack/security/user/jacknich,rdeniro
--------------------------------------------------
// CONSOLE
// TEST[continued]
An object is returned holding the found users, each keyed by the relevant
username. Note that user passwords are not included.
[source,js]
--------------------------------------------------
{
"jacknich" : {
"username": "jacknich",
"roles" : [ "admin", "other_role1" ],
"full_name" : "Jack Nicholson",
"email" : "jacknich@example.com",
"enabled" : true,
"metadata" : {
"intelligence" : 7
}
}
}
--------------------------------------------------
// TESTRESPONSE
[float]
[[native-delete]]
===== Deleting Users
To delete a user, submit a DELETE request to the `/_xpack/security/user/<username>`
endpoint:
[source,js]
--------------------------------------------------
DELETE /_xpack/security/user/jacknich
--------------------------------------------------
// CONSOLE
// TEST[continued]
If the user is successfully deleted, the request returns `{"found": true}`.
Otherwise, `found` is set to false.
[source,js]
--------------------------------------------------
{
"found" : true
}
--------------------------------------------------
// TESTRESPONSE