Retrieve Value of JWT Token Created Through Kibana UI

Elastic Stack 7.10.2/SG 49.0.0.

I created a JWT token through the Kibana UI, however, unlike a token created through the REST API, it doesn’t display a value for the token field, and when I attempt to retrieve the token through the rest API using:

GET /_searchguard/authtoken/<token-id>

I get the following, which also doesn’t show the value of the token field:

{
  "user_name" : "me@example.com",
  "token_name" : "myindex-index-write-2021.02.26",
  "requested" : {
    "index_permissions" : [
      {
        "index_patterns" : [
          "myindex-*"
        ],
        "allowed_actions" : [
          "SGS_WRITE"
        ]
      }
    ],
    "exclude_cluster_permissions" : [
      "cluster:admin:searchguard:authtoken/_own/create"
    ]
  },
  "base" : {
    "roles_be" : [
      "SGS_ALL_ACCESS"
    ],
    "config" : [
      {
        "type" : "ACTIONGROUPS",
        "version" : 7
      },
      {
        "type" : "ROLESMAPPING",
        "version" : 7
      },
      {
        "type" : "ROLES",
        "version" : 7
      },
      {
        "type" : "TENANTS",
        "version" : 7
      }
    ]
  },
  "created_at" : 1614371968000,
  "expires_at" : 1645907968000
}

There is something missing, indeed. The token should be displayed to you directly after creating it.

We are working on a fix and will release it very soon.

It is however by design that you cannot retrieve old tokens later. This makes sure that you always have a complete audit trail regarding the creation/retrieval of tokens.

If the GET request would contain the actual token, we would have to log each access in addition.

If you have lost a token and need to use it later, the intended way is to revoke the old token and to create a new token.

Thanks for the info. This makes sense and is certainly workable. As a suggestion, though, you may want to note this in the documentation about generating a token.

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.