habsi/elasticsearch-js
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[7.x][DOCS] Fine-tunes the Node.Js client authentication section. (#1018)

Browse Source
This commit is contained in:
István Zoltán Szabó
2019-12-13 09:30:46 +01:00
committed by GitHub
parent c51fbfaafd
commit 35b03aed17
1 changed files with 32 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
docs/authentication.asciidoc
View File

@ -1,19 +1,25 @@
[[auth-reference]] [[auth-reference]]
== Authentication == Authentication
This document contains code snippets to show you how to connect to various Elasticsearch providers. This document contains code snippets to show you how to connect to various {es}
providers.
=== Elastic Cloud === Elastic Cloud
If you are using https://www.elastic.co/cloud[Elastic Cloud], the client offers a easy way to connect to it via the `cloud` option. + If you are using https://www.elastic.co/cloud[Elastic Cloud], the client offers
You must pass the Cloud ID that you can find in the cloud console, then your username and password inside the `auth` option. an easy way to connect to it via the `cloud` option. You must pass the Cloud ID
that you can find in the cloud console, then your username and password inside
the `auth` option.
NOTE: When connecting to Elastic Cloud, the client will automatically enable both request and response compression by default, since it yields significant throughput improvements. + NOTE: When connecting to Elastic Cloud, the client will automatically enable
Moreover, the client will also set the ssl option `secureProtocol` to `TLSv1_2_method` unless specified otherwise. both request and response compression by default, since it yields significant
You can still override this option by configuring them. throughput improvements. Moreover, the client will also set the ssl option
`secureProtocol` to `TLSv1_2_method` unless specified otherwise. You can still
override this option by configuring them.
IMPORTANT: Do not enable sniffing when using Elastic Cloud, since the nodes are behind a load balancer, Elastic Cloud will take care of everything for you. IMPORTANT: Do not enable sniffing when using Elastic Cloud, since the nodes are
behind a load balancer, Elastic Cloud will take care of everything for you.
[source,js] [source,js]
---- ----
@ -29,9 +35,11 @@ const client = new Client({
}) })
---- ----
=== Basic authentication === Basic authentication
You can provide your credentials by passing the `username` and `password` parameters via the `auth` option. You can provide your credentials by passing the `username` and `password`
parameters via the `auth` option.
[source,js] [source,js]
---- ----
@ -45,6 +53,7 @@ const client = new Client({
}) })
---- ----
Otherwise, you can provide your credentials in the node(s) URL. Otherwise, you can provide your credentials in the node(s) URL.
[source,js] [source,js]
@ -55,10 +64,15 @@ const client = new Client({
}) })
---- ----
=== ApiKey authentication === ApiKey authentication
You can use the https://www.elastic.co/guide/en/elasticsearch/reference/7.x/security-api-create-api-key.html[ApiKey] authentication by passing the `apiKey` parameter via the `auth` option. + You can use the
The `apiKey` parameter can be either a base64 encoded string or an object with the values that you can obtain from the https://www.elastic.co/guide/en/elasticsearch/reference/7.x/security-api-create-api-key.html[create api key endpoint]. https://www.elastic.co/guide/en/elasticsearch/reference/7.x/security-api-create-api-key.html[ApiKey]
authentication by passing the `apiKey` parameter via the `auth` option. The
`apiKey` parameter can be either a base64 encoded string or an object with the
values that you can obtain from the
https://www.elastic.co/guide/en/elasticsearch/reference/7.x/security-api-create-api-key.html[create api key endpoint].
[source,js] [source,js]
---- ----
@ -88,7 +102,14 @@ const client = new Client({
=== SSL configuration === SSL configuration
Without any additional configuration you can specify `https://` node urls, but the certificates used to sign these requests will not verified (`rejectUnauthorized: false`). To turn on certificate verification you must specify an `ssl` object either in the top level config or in each host config object and set `rejectUnauthorized: true`. The ssl config object can contain many of the same configuration options that https://nodejs.org/api/tls.html#tls_tls_connect_options_callback[tls.connect()] accepts. Without any additional configuration you can specify `https://` node urls, but
the certificates used to sign these requests will not verified
(`rejectUnauthorized: false`). To turn on certificate verification, you must
specify an `ssl` object either in the top level config or in each host config
object and set `rejectUnauthorized: true`. The ssl config object can contain
many of the same configuration options that
https://nodejs.org/api/tls.html#tls_tls_connect_options_callback[tls.connect()]
accepts.
[source,js] [source,js]
---- ----