OpenSearch

History

Tim Vernum cde8725e3c Create API Key on behalf of other user (#53943 ) This change adds a "grant API key action" POST /_security/api_key/grant that creates a new API key using the privileges of one user ("the system user") to execute the action, but creates the API key with the roles of the second user ("the end user"). This allows a system (such as Kibana) to create API keys representing the identity and access of an authenticated user without requiring that user to have permission to create API keys on their own. This also creates a new QA project for security on trial licenses and runs the API key tests there Backport of: #52886	2020-03-23 18:50:07 +11:00
..
src/test	Create API Key on behalf of other user (#53943 )	2020-03-23 18:50:07 +11:00
build.gradle	Create API Key on behalf of other user (#53943 )	2020-03-23 18:50:07 +11:00

Create API Key on behalf of other user (#53943 )

This change adds a "grant API key action"

   POST /_security/api_key/grant

that creates a new API key using the privileges of one user ("the
system user") to execute the action, but creates the API key with
the roles of the second user ("the end user").

This allows a system (such as Kibana) to create API keys representing
the identity and access of an authenticated user without requiring
that user to have permission to create API keys on their own.

This also creates a new QA project for security on trial licenses and runs
the API key tests there

Backport of: #52886

2020-03-23 18:50:07 +11:00

src/test

Create API Key on behalf of other user (#53943 )

2020-03-23 18:50:07 +11:00

build.gradle

Create API Key on behalf of other user (#53943 )

2020-03-23 18:50:07 +11:00