How to generate API Key for elastic search

How to Generate an API Key for Elasticsearch

Elasticsearch provides robust security features, including API key authentication, which can be enabled to control access to your cluster. In this blog, we'll walk through the steps required to generate an API key in Elasticsearch by updating configurations and setting up authentication.

Step 1: Enable Security in Elasticsearch

To enable API key authentication, you need to modify the elasticsearch.yml configuration file and include the following settings:

xpack.security.enabled: true
xpack.security.authc.api_key.enabled: true

These configurations ensure that security features and API key authentication are activated in your Elasticsearch instance.

Step 2: Set Up Authentication

If authentication was not previously enabled in your Elasticsearch setup, enabling security features will require setting a password for the elastic superuser.

To reset and generate a new password for the elastic superuser, run the following command inside the Elasticsearch pod terminal:

bin/elasticsearch-reset-password -u elastic

After executing the command, you will receive a new password like this:

New value: jsdhgsdkjsdnhyu8923n

Make sure to securely store this password, as it will be required for authentication.

Step 3: Generate an API Key

Once security is enabled and the password is set, you can generate an API key using the following cURL command:

curl -X POST "https://your-elasticsearch-host:9200/_security/api_key" \
  -H "Content-Type: application/json" \
  -u elastic:your-password \
  -d '{
    "name": "my-api-key",
    "role_descriptors": {
      "custom_role": {
        "cluster": ["all"],
        "index": [
          {
            "names": ["*"],
            "privileges": ["read", "write"]
          }
        ]
      }
    }
  }'

This command will return a response containing the API key information:

{
  "id": "some-api-key-id",
  "name": "my-api-key",
  "expiration": "2025-12-31T23:59:59.000Z",
  "api_key": "some-generated-api-key"
}

Store the api_key securely, as it will be used for authentication in your applications.

Step 4: Use the API Key

To authenticate API requests using the generated key, include it in the Authorization header like this:

curl -X GET "https://your-elasticsearch-host:9200/_cat/indices?v" \
  -H "Authorization: ApiKey some-generated-api-key"

This ensures secure access to your Elasticsearch cluster without exposing user credentials.

Conclusion

By enabling security features and API key authentication in Elasticsearch, you can enhance the security of your cluster and provide controlled access to different users and applications. Always store credentials and API keys securely and limit their permissions based on your needs.