Fail to get access token


(Wu Chun Wa) #1

Hi Sir,

i just follow the doc.
https://www.elastic.co/guide/en/elasticsearch/reference/5.6/security-api-tokens.html

Call the following command
POST /_xpack/security/oauth2/token
{
"grant_type" : "password",
"username" : "elastic",
"password" : "changeme"
}

But, i get the following error.
{
"error" : {
"root_cause" : [
{
"type" : "security_exception",
"reason" : "missing authentication token for REST request [/_xpack/security/oauth2/token?pretty]",
"header" : {
"WWW-Authenticate" : "Basic realm="security" charset="UTF-8""
}
}
],
"type" : "security_exception",
"reason" : "missing authentication token for REST request [/_xpack/security/oauth2/token?pretty]",
"header" : {
"WWW-Authenticate" : "Basic realm="security" charset="UTF-8""
}
},
"status" : 401
}

Would you mind give me a suggestion to solve it?
Thanks


(Tim Vernum) #2

The token endpoint is a secured URL. You need to authenticate using the standard mechanism (Authorization header, or PKI cert) as well as providing the username/password in the body.

From memory, the REST authentication does not need to match the username in the body.


(Wu Chun Wa) #3

Any document to teach about how to use Authorization header to get access right?


(Tim Vernum) #4

It sounds like you don't want to use the token service at all.
The token service is for a very specific use case - if you're just trying to setup authentication to Elasticsearch, then it's not what you need.

You want to start here: https://www.elastic.co/guide/en/x-pack/5.6/how-security-works.html#_user_authentication

If you have a username and password, then you just want to configure your HTTP client to do "Basic authentication". The specifics for that depend entirely on what client you are using to connect to ES.


(Wu Chun Wa) #5

Thanks


(system) #6

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.