OpenSearch/x-pack/docs/en/security
Ioannis Kakavas ac87c10039
[7.x] Fix responses for the token APIs (#54532) (#55278)
This commit fixes our behavior regarding the responses we
return in various cases for the use of token related APIs.
More concretely:

- In the Get Token API with the `refresh` grant, when an invalid
(already deleted, malformed, unknown) refresh token is used in the
body of the request, we respond with `400` HTTP status code
 and an `error_description` header with the message "could not
refresh the requested token".
Previously we would return erroneously return a  `401` with "token
malformed" message.

- In the Invalidate Token API, when using an invalid (already
deleted, malformed, unknown) access or refresh token, we respond
with `404` and a body that shows that no tokens were invalidated:
   ```
   {
     "invalidated_tokens":0,
     "previously_invalidated_tokens":0,
      "error_count":0
   }
   ```
   The previous behavior would be to erroneously return
a `400` or `401` ( depending on the case ).

- In the Invalidate Token API, when the tokens index doesn't
exist or is closed, we return `400` because we assume this is
a user issue either because they tried to invalidate a token
when there is no tokens index yet ( i.e. no tokens have
been created yet or the tokens index has been deleted ) or the
index is closed.

- In the Invalidate Token API, when the tokens index is
unavailable, we return a `503` status code because
we want to signal to the caller of the API that the token they
tried to invalidate was not invalidated and we can't be sure
if it is still valid or not, and that they should try the request
again.

Resolves: #53323
2020-04-16 14:05:55 +03:00
..
auditing [DOCS] Rename auditing topic. Closes #49012 (#49013) 2019-11-22 14:16:58 -08:00
authentication [7.x] Fix responses for the token APIs (#54532) (#55278) 2020-04-16 14:05:55 +03:00
authorization [DOCS] Clarifies machine learning built-in roles (#51504) 2020-02-11 18:28:53 -08:00
ccs-clients-integrations [DOCS] Fixes monitoring links (#52790) 2020-02-25 18:08:23 -08:00
images [7.x][DOCS] Copies security source files from stack-docs (#47534) 2019-10-04 08:19:10 -07:00
reference [DOCS] Merges duplicate pages for file realms (#49200) 2019-11-18 12:02:18 -08:00
securing-communications [7.x][DOCS] Adds common definitions for security settings (#51017) (#53242) 2020-03-06 16:28:54 -08:00
configuring-es.asciidoc [DOCS] Merges duplicate pages for Active Directory realms (#49205) 2019-11-19 13:18:01 -08:00
fips-140-compliance.asciidoc [7.x][DOCS] Adds common definitions for security settings (#51017) (#53242) 2020-03-06 16:28:54 -08:00
get-started-builtin-users.asciidoc [7.x][DOCS] Copies security source files from stack-docs (#47534) 2019-10-04 08:19:10 -07:00
get-started-enable-security.asciidoc [7.x][DOCS] Copies security source files from stack-docs (#47534) 2019-10-04 08:19:10 -07:00
get-started-kibana-users.asciidoc [7.x][DOCS] Copies security source files from stack-docs (#47534) 2019-10-04 08:19:10 -07:00
get-started-security.asciidoc Deprecating kibana_user and kibana_dashboard_only_user roles (#50963) 2020-01-15 11:07:19 +11:00
index.asciidoc [DOCS] Merges security overview pages (#49342) 2019-11-19 16:19:02 -08:00
limitations.asciidoc [7.x][DOCS] Copies security source files from stack-docs (#47534) 2019-10-04 08:19:10 -07:00
overview.asciidoc [DOCS] Merges security overview pages (#49342) 2019-11-19 16:19:02 -08:00
troubleshooting.asciidoc [7.x] Switch to the most recent Kibana configuration format and SAML/OIDC endpoints. (#54624) 2020-04-02 11:59:11 +02:00
using-ip-filtering.asciidoc [DOCS] Change // CONSOLE comments to [source,console] (#46440) (#46494) 2019-09-09 12:35:50 -04:00