maxmustermann/kibana
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
kibana/docs/api/using-api.asciidoc
Kaarina Tungseth fda3196611
[DOCS] Updates API requests and examples (#60695) 
* [DOCS] Updates API requests and examples

* Review comments
2020-03-20 16:33:20 -05:00

72 lines
2.4 KiB
Plaintext
Raw Blame History

[[using-api]]
== Using the APIs
Interact with the {kib} APIs through the `curl` command and HTTP and HTTPs protocols.
It is recommended that you use HTTPs on port 5601 because it is more secure.
NOTE: The {kib} Console supports only Elasticsearch APIs. You are unable to interact with the {kib} APIs with the Console and must use `curl` or another HTTP tool instead. For more information, refer to <<console-kibana,Console>>.
[float]
[[api-authentication]]
=== Authentication
{kib} supports token-based authentication with the same username and password that you use to log into the {kib} Console.
[float]
[[api-calls]]
=== API calls
API calls are stateless. Each request that you make happens in isolation from other calls and must include all of the necessary information for {kib} to fulfill the request. API requests return JSON output, which is a format that is machine-readable and works well for automation.
Calls to the API endpoints require different operations. To interact with the {kib} APIs, use the following operations:
* *GET* - Fetches the information.
* *POST* - Adds new information.
* *PUT* - Updates the existing information.
* *DELETE* - Removes the information.
For example, the following `curl` command exports a dashboard:
[source,sh]
--
curl -X POST -u $USER:$PASSWORD "localhost:5601/api/kibana/dashboards/export?dashboard=942dcef0-b2cd-11e8-ad8e-85441f0c2e5c"
--
// KIBANA
[float]
[[api-request-headers]]
=== Request headers
For all APIs, you must use a request header. The {kib} APIs support the `kbn-xsrf` and `Content-Type` headers.
`kbn-xsrf: true`::
By default, you must use `kbn-xsrf` for all API calls, except in the following scenarios:
* The API endpoint uses the `GET` or `HEAD` operations
* The path is whitelisted using the <<settings, `server.xsrf.whitelist`>> setting
* XSRF protections are disabled using the `server.xsrf.disableProtection` setting
`Content-Type: application/json`::
Applicable only when you send a payload in the API request. {kib} API requests and responses use JSON. Typically, if you include the `kbn-xsrf` header, you must also include the `Content-Type` header.
Request header example:
[source,sh]
--
curl -X POST \
http://localhost:5601/api/spaces/space \
-H 'Content-Type: application/json' \
-H 'kbn-xsrf: true' \
-d '{
"id": "sales",
"name": "Sales",
"description": "This is your Sales Space!",
"disabledFeatures": []
}
'
--
Reference in a new issue View git blame Copy permalink