Can X-Pack be used entirely for application authentication and authorization

moraleslos · June 27, 2017, 4:25pm

For an app we are creating, we are still using .NET as middleware that includes authentication and authorization over RESTful services that essentially calls ES apis. Was wondering if X-Pack can essentially handle this tier in a similar fashion. For example, any registered users will have indexing permissions, while unregistered users will only have searching capabilities. It needs to be somewhat fine-grained as well in terms of what can be indexed.

If the above is possible using X-Pack with ES, we may eliminate the .NET middleware altogether since the heart of the app is through ES.

joshbressers · June 27, 2017, 11:57pm

This should be possible, but it will depend on what you're trying to do.

For example you can enable anonymous access with these instructions
https://www.elastic.co/guide/en/x-pack/current/anonymous-access.html

Then you would want to create roles for the other users giving them write access as needed.
https://www.elastic.co/guide/en/x-pack/current/authorization.html

Depending on how fine grained you need the access to be will be the decider here. Write access is granted to an entire index. We lack the ability to do fine grained write access on a document level.

Good luck.

Topic		Replies	Views
How to do authorization in elasticsearch Elasticsearch	5	2174	November 22, 2017
Another free plugin for authentication (like x-pack ) Elasticsearch	3	952	November 29, 2017
Setup Authentication and Authorization WITHOUT X-Pack? Elasticsearch	4	4910	April 9, 2018
Does X-Pack perform authorization checks per index or shard on every request? Kibana elastic-stack-security	5	77	May 27, 2025
Multitenant ElasticSearch Elasticsearch	9	912	July 4, 2017

Can X-Pack be used entirely for application authentication and authorization

Related topics