Search
Close this search box.

How to delete service account token?

how to delete service account token

Table of Contents

1. Introduction

Token will never expire on it’s own but you can delete it via API. I want to show you how to do it.

2. Start Elasticsearch

Start Elasticsearch without mounting volume.

				
					docker run --rm \
--name elk \
--net kibana \
-d \
-p 9200:9200 \
docker.elastic.co/elasticsearch/elasticsearch:8.11.0
				
			

Once Elasticsearch is started please set password for elastic user.

				
					docker exec -it elk bash -c "(mkfifo pipe1); ( (elasticsearch-reset-password -u elastic -i < pipe1) & ( echo $'y\n123456\n123456' > pipe1) );sleep 5;rm pipe1"
				
			

3. Delete Service Account Token

In order to delete something first thing must exist.

3.1. Create Service Account Token

You can create service account token for Kibana service account

				
					curl -k -XPOST -u elastic:123456 "https://localhost:9200/_security/service/elastic/kibana/credential/token/forkibana2?pretty"
				
			

example response below:

				
					{
  "created" : true,
  "token" : {
    "name" : "forkibana",
    "value" : "AAEAAWVsYXN0aWMva2liYW5hL2ZvcmtpYmFuYTI6Yzd4Qm51RjJTeENCeG15bFZvUzVEdw"
  }
}
				
			

3.2 Check if Token got created

Confirm if token got created by calling API

				
					curl -k -XGET -u elastic:123456 "https://localhost:9200/_security/service/elastic/kibana/credential?pretty"
				
			

example response:

				
					{
  "service_account" : "elastic/kibana",
  "count" : 1,
  "tokens" : {
    "forkibana2" : { }
  },
  "nodes_credentials" : {
    "_nodes" : {
      "total" : 1,
      "successful" : 1,
      "failed" : 0
    },
    "file_tokens" : { }
  }
}
				
			

3.3. Run API call to delete token

To delete call DELETE API.

				
					curl -k -XDELETE -u elastic:123456 "https://localhost:9200/_security/service/elastic/kibana/credential/token/forkibana2"
				
			

3.4. Confirm that token got deleted

				
					curl -k -XGET -u elastic:123456 "https://localhost:9200/_security/service/elastic/kibana/credential?pretty"
				
			

example response:

				
					{
  "service_account" : "elastic/kibana",
  "count" : 0,
  "tokens" : { },
  "nodes_credentials" : {
    "_nodes" : {
      "total" : 1,
      "successful" : 1,
      "failed" : 0
    },
    "file_tokens" : { }
  }
}
				
			

4. Summary

Knowledge Article let you learn how to delete service account tokens. Now you can use that knowledge in your projects.

Have a nice coding!

Leave a Reply

Your email address will not be published. Required fields are marked *

Follow me on LinkedIn
Share the Post:

Enjoy Free Useful Amazing Content

Related Posts