How do I enable tokens in the Elastic Cloud Service?
I have a few developers using various clients:
- React
- Java
- PHP
I'd like them to be able to authenticate with user name and password and then receive a token for subsequent requests.
Hi there,
The token service is enabled for Elastic Cloud. However, note that this cannot be used as a self service API for your users as you describe. Our Get Token API implements the Resource Owner Password Credentials Grant and as such there needs to be a trusted client that will make authenticated and authorized API calls sending in the end user credentials in order to retrieve an access token ( and potentially a refresh token ) for the end user.
That means that in the example in the docs:
POST /_xpack/security/oauth2/token
{
"grant_type" : "password",
"username" : "test_admin",
"password" : "x-pack-test-password"
}
the POST /_xpack/security/oauth2/token request needs to be made by a user ( not necessarily and most probably not the same as the test_admin one ) that has the necessary permissions to call that API. The token that this call will return will be for test_admin and can be then passed to test_admin or used on his behalf.
We are in the process of clarifying the relevant part of the documentation also, apologies if it was not clear enough.