Hi,
Is there a way to delete revoked Fleet enrolment tokens?
Thank you
Hi @dkprojects,
Currently the delete enrollment tokens endpoints only allows to invalidate them, not to delete. It basically works as a soft delete.
What's your use case for deleting them?
Thanks,
Cristina
Hi,
The reason for deleting is simple. We have too many tokens that are not being used and they are cluttering the list making it hard to manage.
Thanks
If you need a way to delete the inactive enrollment keys, you can use this workaround. First create a user with the system_indices superuser role, e.g.
Then, via Kibana dev tools in a session for the user with the above role, run the following delete_by_query operation
POST .fleet-enrollment-api-keys/_delete_by_query
{
"query": {
"match": {
"active": false
}
}
}
You could also simply filter the inactive enrollment keys out in the UI by adding active: false to the KQL search bar on the enrollment keys page.
--
Thanks,
Cristina
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.