Table of Contents
1. Introduction
Token will never expire on it’s own but you can delete it via API. I want to show you how to do it.
2. Start Elasticsearch
Start Elasticsearch without mounting volume.
docker run --rm \
--name elk \
--net kibana \
-d \
-p 9200:9200 \
docker.elastic.co/elasticsearch/elasticsearch:8.11.0
Once Elasticsearch is started please set password for elastic user.
docker exec -it elk bash -c "(mkfifo pipe1); ( (elasticsearch-reset-password -u elastic -i < pipe1) & ( echo $'y\n123456\n123456' > pipe1) );sleep 5;rm pipe1"
3. Delete Service Account Token
In order to delete something first thing must exist.
3.1. Create Service Account Token
You can create service account token for Kibana service account
curl -k -XPOST -u elastic:123456 "https://localhost:9200/_security/service/elastic/kibana/credential/token/forkibana2?pretty"
example response below:
{
"created" : true,
"token" : {
"name" : "forkibana",
"value" : "AAEAAWVsYXN0aWMva2liYW5hL2ZvcmtpYmFuYTI6Yzd4Qm51RjJTeENCeG15bFZvUzVEdw"
}
}
3.2 Check if Token got created
Confirm if token got created by calling API
curl -k -XGET -u elastic:123456 "https://localhost:9200/_security/service/elastic/kibana/credential?pretty"
example response:
{
"service_account" : "elastic/kibana",
"count" : 1,
"tokens" : {
"forkibana2" : { }
},
"nodes_credentials" : {
"_nodes" : {
"total" : 1,
"successful" : 1,
"failed" : 0
},
"file_tokens" : { }
}
}
3.3. Run API call to delete token
To delete call DELETE API.
curl -k -XDELETE -u elastic:123456 "https://localhost:9200/_security/service/elastic/kibana/credential/token/forkibana2"
3.4. Confirm that token got deleted
curl -k -XGET -u elastic:123456 "https://localhost:9200/_security/service/elastic/kibana/credential?pretty"
example response:
{
"service_account" : "elastic/kibana",
"count" : 0,
"tokens" : { },
"nodes_credentials" : {
"_nodes" : {
"total" : 1,
"successful" : 1,
"failed" : 0
},
"file_tokens" : { }
}
}
4. Summary
Knowledge Article let you learn how to delete service account tokens. Now you can use that knowledge in your projects.
Have a nice coding!