Bearer Tokens and Elasticsearch API


(James) #1

Hi,
Through the ECE ui there is the option of API console on each cluster which sends a request like this

https://<ECE_URL>:12443/api/v0.1/regions/ece-region/clusters/b5fa10fc95c940fdb85c3f2f800f0dae/proxy/_cluster/_search

However when I post this command in the browser I get

{"ok":false,"message":"The supplied authentication is invalid"}

So I have been trying to use

POST /api/v1/users/auth/_refresh
 - https://www.elastic.co/guide/en/cloud-enterprise/current/refresh-token.html

to get a token but this is giving me both

{'errors': [{'message': 'HTTP method not allowed, supported methods: [GET]', 'code': 'root.method_not_allowed'}]}
and 
{'errors': [{'message': 'The requested resource could not be found', 'code': 'root.resource_not_found'}]}

When I use POST and GET respectively. Not sure if this is a bug in the API?

Thanks


(Osykora) #2

Hi,

you are missing authorization header in the search request. It requires basic auth with ECE admin and password. Basically, you have to use Postman, curl or another tool to send these requests that allow you to specify headers.

The header you must include looks like this:
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsIm5iZiI6MTU0OTAyMjUwMCwiaXNzIjoiZm91bmQtYWRtaW5jb25zb2xlIiwiZXhwIjoxNTQ5MDI0MzAwLCJpYXQiOjE1NDkwMjI1MDB9.NLQ4Oe0gDfD_EuMbSAcFzHWPAgidISPzqB9JcrHcdlV

https://www.elastic.co/guide/en/cloud-enterprise/current/ece-api-reference.html#ece-authentication


(Alex Piggott) #3

I think there is a v1 version of the "elasticsearch proxy" endpoint, which allows you to use basic auth

link


(system) closed #4

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.