What can the manage token privilege to? can it update some cluster settings, like security, or some other stuff?

in the ES guidelines, there does not have too much talks about what the "manage tokne" privilege can be used do. I want to know whether the manage token privilege can be used to update cluster settings, such as security, or some other stuff.

Hi @ChatLee - Thanks for reaching out. Based on your question, I'd suggest reaching out to the folks in elastic-stack-security . I'll re-tag your initial question so it shows up on their radar!

From Elastic Security to Elasticsearch

Added elastic-stack-security

sure, thanks for your hlep

The documentation says:

  • manage_token All security-related operations on tokens that are generated by the Elasticsearch Token Service.

That means it gives access to the APIs listed in the Tokens section here

If you can give us a bit more info about the purpose of your question we can probably provide more useful help.
Are you trying to decide on the privileges you need for a role you're creating, or trying to understand what an existing role is permitted to do, or something else?