Secured Elasticsearch in API Portal 10.4

webMethods API Portal tutorial

Until previous releases of API Portal, users who know the elastic search port can access the data present in it by accessing the following URL: http://<machine_name>:<es_port>/_mapping

From API Portal 10.4 release, user will be promoted to enter "username & password" to access the elastic search data, if accessed from anywhere away from API Portal. This username & password is generated automatically.

Get elastic search credentials:

1. Open ACC console and run the following command, "list services".

2. From the list of services, take the Service ID of "ELASTICSEARCH" service type and run the following command, "show service <ELASTICSEARCH_SERVICE_ID>".

3. The username & password can be taken from the list of parameters that are listed.

Change default credentials:

1. Run the following command to change the default credentials to custom credentials, 
reconfigure elastic_s"<username>" +ELASTICSEARCH.aris.api.user.password="<password>"

2. To view the changed credentials, again run the "show service <ELASTICSEARCH_SERVICE_ID>" command.

Disable secure access to elastic search data:

If required, the security permission can be revoked by executing the following command in ACC console, reconfigure elastic_s +ELASTICSEARCH.aris.api.deactivate.authentication="true"