Making a custom Kibana plugin, and I'm looking to create a user with the callWithRequest function. I'm able to do some operations like ping and cluster.health, but putUser doesn't seem to be available.
I even took a crawl in the kibana/src/core/server/elasticsearch/api_types.ts, and there doesn't appear to be any security endpoints available.
Is it possible to call putUser using the clients credentials? Push come to shove, I can just create an username, password box and have them enter in admin credentials, and use the nodejs library for ES separately, which I'm doing mostly anyway.
I even took a crawl in the kibana/src/core/server/elasticsearch/api_types.ts , and there doesn't appear to be any security endpoints available.
This is correct -- currently the ES client doesn't have definitions for x-pack APIs. At the moment there are two ways to work around this:
- You can use
transport.request to send any arbitrary request to Elasticsearch. This is a catch-all to enable working with any ES APIs which don't have definitions in api_types.ts.
- You can use
core.elasticsearch.createClient to register a custom plugin which extends the ES client and knows how to handle putUser. This is what the x-pack security plugin currently does because it handles some niceties like validation for you. Though I will note that this is all based on the legacy ES client; we have not yet migrated Kibana to using the new JS client, which will offer its own way of extending the client.
Usage of the legacy createClient looks something like this:
setup(core) {
const client = core.elasticsearch.createClient('foo', {
plugins: [myClientPlugin],
});
const router = core.http.createRouter();
router.post({
path: '/my/api',
validate: {...},
},
handler: async (ctx, req, res) => {
await client.asScoped(request).callAsCurrentUser('putUser', {
...params for client plugin
});
return response.ok({...});
});
}