Hey @KevSex,
Yeah, as @flash1293 already noted, it's an internal API and we reserve the right to make any breaking changes to it even though we try hard to not do that without a strong need.
Back to your original question, here is the definition of request body schema:
schema.object({
providerType: schema.string(),
providerName: schema.string(),
currentURL: schema.string(),
params: schema.conditional(
schema.siblingRef('providerType'),
schema.oneOf([
schema.literal(BasicAuthenticationProvider.type),
schema.literal(TokenAuthenticationProvider.type),
]),
basicParamsSchema,
schema.never()
),
}),
So assuming you're using default xpack.security.autch.providers config, your request should look like this:
POST https://localhost:5601/internal/security/login
Accept: application/json
Content-Type: application/json
kbn-xsrf: true
{
"providerType": "basic",
"providerName": "basic",
"currentURL": "/",
"params": { "username": "***", "password": "***" }
}
providerName is an arbitrary string and depends on how you configure Kibana, you can read more about this here.
We changed the API signature so that it can work with all authentication mechanisms Kibana supports now or will in the future.
Let me know if you have any other questions.
Best,
Oleg