How to catch an exception for "Authentication using apikey failed - api key is expired"

Jim_Song · October 31, 2023, 8:06pm

I am using client lib to perform a search operation. The API key used for constructing an ElasticsearchClient expired. How can I catch this specific type of "API Key expired" error, so that I can handle it, e.g. creating another key?

Caused by: co.elastic.clients.elasticsearch._types.ElasticsearchException: [es/search] failed: [security_exception] unable to authenticate with provided credentials and anonymous access is not allowed for this request
	at co.elastic.clients.transport.ElasticsearchTransportBase.getApiResponse(ElasticsearchTransportBase.java:286)
	at co.elastic.clients.transport.ElasticsearchTransportBase.performRequest(ElasticsearchTransportBase.java:111)
	at co.elastic.clients.elasticsearch.ElasticsearchClient.search(ElasticsearchClient.java:1887)
	at co.elastic.clients.elasticsearch.ElasticsearchClient.search(ElasticsearchClient.java:1904)

TimV · November 7, 2023, 4:48am

You can't.

If the API Key is no longer valid then you can't authenticate.
If you can't authenticate then the server will consider you to be an untrusted client.
If you are an untrusted client then the server will not give you any details about expired API Keys.

The only things you can do are:

Track the expiry of your API key and create a new one ahead of time
Assume that any authentication error is caused by expired credentials.

system · December 5, 2023, 4:49am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.