Creating API Keys in Elasticsearch: An Advanced Guide

By Opster Team

Updated: Oct 31, 2023




API keys in Elasticsearch are a secure way to manage authentication and authorization. They are a critical component in ensuring that your Elasticsearch cluster is protected from unauthorized access. This article will delve into the process of creating API keys in Elasticsearch, providing a detailed, step-by-step guide.

Understanding API Keys

API keys are a method of authentication that allows a user or a process to access the Elasticsearch cluster. They are a base64-encoded string which represents the credentials of a specific user. API keys can be set with specific roles, allowing granular control over what actions can be performed using the key.

Creating an API Key

Creating an API key in Elasticsearch involves making a POST request to the Elasticsearch `_security/api_key` API. The following steps outline this process:

1. Prepare and send your request: 

The first step is to prepare your POST request. This will include the necessary information to create the API key. The request should be structured as follows:

POST /_security/api_key
{
  "name": "my-api-key",
  "expiration": "10d",
  "role_descriptors": {
    "role-name": {
      "cluster": ["all"],
      "index": [
        {
          "names": ["index-name"],
          "privileges": ["all"]
        }
      ]
    }
  }
}

In this example, `my-api-key` is the name of the API key, `role-name` is the name of the role associated with the key, and `index-name` is the name of the index that the key has access to. The key is created for ten days and will expire after that duration. If you omit the expiration parameter, the API key will never expire.

2. Receive your API key:

After sending the request, Elasticsearch will respond with the API key. The response will look something like this:

{
  "id" : "VuaCfGcBCdbkQm-e5aOx",
  "name" : "my-api-key",
  "api_key" : "ui2lp2axTGuGuDtlkzrAUA"
}

The `id` and `api_key` fields represent your API key. The `api_key` field is the base64-encoded representation of your API key.
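
As an added example (not from the original guide and not Elasticsearch's own code), the Python below audits a create-key request body for over-broad settings such as the `all` privileges in the sample request, and builds the `Authorization: ApiKey` header value from the `id` and `api_key` in the response. The function names and the narrowed `read`-only variant are assumptions made for illustration.

```python
import base64

# BROAD is the request body from the guide; NARROW is a constructed
# least-privilege variant (the "read" privilege is an illustrative choice).
BROAD = {"name": "my-api-key", "expiration": "10d", "role_descriptors": {
    "role-name": {"cluster": ["all"],
                  "index": [{"names": ["index-name"], "privileges": ["all"]}]}}}
NARROW = {"name": "my-api-key", "expiration": "10d", "role_descriptors": {
    "role-name": {"cluster": [],
                  "index": [{"names": ["index-name"], "privileges": ["read"]}]}}}


def audit_key_request(body):
    """Return a list of findings for a create-API-key request body."""
    findings = []
    if "expiration" not in body:
        findings.append("no expiration: key never expires")
    roles = body.get("role_descriptors") or {}
    if not roles:
        # Without role descriptors the key takes the creating user's permissions.
        findings.append("no role_descriptors: key inherits the creator's permissions")
    for role, desc in roles.items():
        if "all" in desc.get("cluster", []):
            findings.append(f"{role}: cluster privilege 'all'")
        for entry in desc.get("index", []):
            names = entry.get("names", [])
            if "all" in entry.get("privileges", []):
                findings.append(f"{role}: index privilege 'all' on {names}")
            if any("*" in n for n in names):
                findings.append(f"{role}: wildcard index pattern in {names}")
    return findings


def authorization_header(key_id, api_key):
    """Build the header value Elasticsearch accepts: ApiKey base64(id:api_key)."""
    token = base64.b64encode(f"{key_id}:{api_key}".encode()).decode()
    return f"ApiKey {token}"


if __name__ == "__main__":
    for label, body in (("broad", BROAD), ("narrow", NARROW)):
        print(label, audit_key_request(body) or "no findings")
    # id and api_key are the values shown in the sample response above
    print("Authorization:",
          authorization_header("VuaCfGcBCdbkQm-e5aOx", "ui2lp2axTGuGuDtlkzrAUA"))
```

Running the audit on request bodies before they are sent, for example in a provisioning script or code review check, catches keys that are broader or longer-lived than the consuming process needs.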

Managing API Keys

Once you have created an API key, you can manage it using the Elasticsearch _security/api_key API. You can invalidate an API key, which will prevent it from being used for authentication. You can also get information about an API key, such as when it was created and what roles it has.

To invalidate an API key, you can send a DELETE request to the _security API:

curl -X DELETE "localhost:9200/_security/api_key" -H 'Content-Type: application/json' -d'
{
  "ids" : ["VuaCfGcBCdbkQm-e5aOx"]
}
'

To get information about an API key, you can send a GET request to the _security API:

curl -X GET "localhost:9200/_security/api_key?id=VuaCfGcBCdbkQm-e5aOx"


In conclusion, API keys are a critical component in securing your Elasticsearch cluster. They provide a method of authentication that is both secure and flexible, allowing you to control who has access to your cluster and what actions they can perform. By following the steps outlined in this article, you can create and manage your own API keys in Elasticsearch. 
