Enabling tokens in Elastic Cloud

How do I enable tokens in the Elastic Cloud Service?
I have a few developers using various clients:

  • React
  • Java
  • PHP

I'd like them to be able to authenticate with user name and password and then receive a token for subsequent requests.

Hi there,

The token service is enabled for Elastic Cloud. However, note that this cannot be used as a self service API for your users as you describe. Our Get Token API implements the Resource Owner Password Credentials Grant and as such there needs to be a trusted client that will make authenticated and authorized API calls sending in the end user credentials in order to retrieve an access token ( and potentially a refresh token ) for the end user.

That means that in the example in the docs:

POST /_xpack/security/oauth2/token
{
  "grant_type" : "password",
  "username" : "test_admin",
  "password" : "x-pack-test-password"
}

the POST /_xpack/security/oauth2/token request needs to be made by a user ( not necessarily and most probably not the same as the test_admin one ) that has the necessary permissions to call that API. The token that this call will return will be for test_admin and can be then passed to test_admin or used on his behalf.

We are in the process of clarifying the relevant part of the documentation also, apologies if it was not clear enough.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.