Invalidate API keys | Elasticsearch API documentation (v9)

application/json

BodyRequired

idstring
idsarray[string]
A list of API key ids. This parameter cannot be used with any of name, realm_name, or username.
namestring
ownerboolean
Query API keys owned by the currently authenticated user. The realm_name or username parameters cannot be specified when this parameter is set to true as they are assumed to be the currently authenticated ones.
NOTE: At least one of ids, name, username, and realm_name must be specified if owner is false.
realm_namestring
The name of an authentication realm. This parameter cannot be used with either ids or name, or when owner flag is set to true.
usernamestring

Responses

200 application/json
Hide response attributes Show response attributes object
- error_countnumber Required
  The number of errors that were encountered when invalidating the API keys.
- error_detailsarray[object]
  Details about the errors. This field is not present in the response when error_count is 0.
  Hide error_details attributes Show error_details attributes object
  typestring Required
  The type of error
  reasonstring | null
  A human-readable explanation of the error, in English.
  One of:
  string-1string string-2string | null
  stack_tracestring
  The server stack trace. Present only if the error_trace=true parameter was sent with the request.
  caused_byobject
  root_causearray[object]
  suppressedarray[object]
- invalidated_api_keysarray[string] Required
  The IDs of the API keys that were invalidated as part of this request.
- previously_invalidated_api_keysarray[string] Required
  The IDs of the API keys that were already invalidated.

DELETE /_security/api_key

DELETE /_security/api_key
{
  "ids" : [ "VuaCfGcBCdbkQm-e5aOx" ]
}

curl \
 --request DELETE 'http://api.example.com/_security/api_key' \
 --header "Authorization: $API_KEY" \
 --header "Content-Type: application/json" \
 --data '"{\n  \"ids\" : [ \"VuaCfGcBCdbkQm-e5aOx\" ]\n}"'

Request examples

Run `DELETE /_security/api_key` to invalidate the API keys identified by ID.

{
  "ids" : [ "VuaCfGcBCdbkQm-e5aOx" ]
}

Run `DELETE /_security/api_key` to invalidate the API keys identified by name.

{
  "name" : "my-api-key"
}

Run `DELETE /_security/api_key` to invalidate all API keys for the `native1` realm.

{
  "realm_name" : "native1"
}

Run `DELETE /_security/api_key` to invalidate all API keys for the user `myuser` in all realms.

{
  "username" : "myuser"
}

Run `DELETE /_security/api_key` to invalidate the API keys identified by ID if they are owned by the currently authenticated user.

{
  "ids" : ["VuaCfGcBCdbkQm-e5aOx"],
  "owner" : "true"
}

Run `DELETE /_security/api_key` to invalidate all API keys for the user `myuser` in the `native1` realm .

{
  "username" : "myuser",
  "realm_name" : "native1"
}

Response examples (200)

A successful response from `DELETE /_security/api_key`.

{
  "invalidated_api_keys": [ 
    "api-key-id-1"
  ],
  "previously_invalidated_api_keys": [ 
    "api-key-id-2",
    "api-key-id-3"
  ],
  "error_count": 2, 
  "error_details": [ 
    {
      "type": "exception",
      "reason": "error occurred while invalidating api keys",
      "caused_by": {
        "type": "illegal_argument_exception",
        "reason": "invalid api key id"
      }
    },
    {
      "type": "exception",
      "reason": "error occurred while invalidating api keys",
      "caused_by": {
        "type": "illegal_argument_exception",
        "reason": "invalid api key id"
      }
    }
  ]
}

BodyRequired

Responses

reasonstring | null