Package co.elastic.clients.elasticsearch.security

Class InvalidateApiKeyRequest

java.lang.Object
co.elastic.clients.elasticsearch._types.RequestBase
co.elastic.clients.elasticsearch.security.InvalidateApiKeyRequest
All Implemented Interfaces:
JsonpSerializable
@JsonpDeserializable public class InvalidateApiKeyRequest extends RequestBase implements JsonpSerializable
Invalidate API keys.

This API invalidates API keys created by the create API key or grant API key APIs. Invalidated API keys fail authentication, but they can still be viewed using the get API key information and query API key information APIs, for at least the configured retention period, until they are automatically deleted.

To use this API, you must have at least the manage_security, manage_api_key, or manage_own_api_key cluster privileges. The manage_security privilege allows deleting any API key, including both REST and cross cluster API keys. The manage_api_key privilege allows deleting any REST API key, but not cross cluster API keys. The manage_own_api_key only allows deleting REST API keys that are owned by the user. In addition, with the manage_own_api_key privilege, an invalidation request must be issued in one of the three formats:

  • Set the parameter owner=true.
  • Or, set both username and realm_name to match the user's identity.
  • Or, if the request is issued by an API key, that is to say an API key invalidates itself, specify its ID in the ids field.
See Also:

  • Field Details

  • Method Details

    • of

      public static InvalidateApiKeyRequest of(Function<InvalidateApiKeyRequest.Builder,ObjectBuilder<InvalidateApiKeyRequest>> fn)

    • id

      @Nullable public final String id()
      API name: id

    • ids

      public final List<String> ids()
      A list of API key ids. This parameter cannot be used with any of name, realm_name, or username.

      API name: ids

    • name

      @Nullable public final String name()
      An API key name. This parameter cannot be used with any of ids, realm_name or username.

      API name: name

    • owner

      @Nullable public final Boolean owner()
      Query API keys owned by the currently authenticated user. The realm_name or username parameters cannot be specified when this parameter is set to true as they are assumed to be the currently authenticated ones.

      NOTE: At least one of ids, name, username, and realm_name must be specified if owner is false.

      API name: owner

    • realmName

      @Nullable public final String realmName()
      The name of an authentication realm. This parameter cannot be used with either ids or name, or when owner flag is set to true.

      API name: realm_name

    • username

      @Nullable public final String username()
      The username of a user. This parameter cannot be used with either ids or name or when owner flag is set to true.

      API name: username

    • serialize

      public void serialize(jakarta.json.stream.JsonGenerator generator, JsonpMapper mapper)
      Serialize this object to JSON.
      Specified by:
      serialize in interface JsonpSerializable

    • serializeInternal

      protected void serializeInternal(jakarta.json.stream.JsonGenerator generator, JsonpMapper mapper)

    • setupInvalidateApiKeyRequestDeserializer

      protected static void setupInvalidateApiKeyRequestDeserializer(ObjectDeserializer<InvalidateApiKeyRequest.Builder> op)