How can you programmatically revoke all API keys created by a specific user using Elasticsearch API?

hard🚀 Application Q9 of Q15

Elasticsearch - Security

ADelete the user account to revoke all keys automatically

BManually delete each API key by its ID one by one

CUse the create API key endpoint with an empty body to revoke keys

DCall the invalidate API key endpoint with a query filtering by "username"

Step-by-Step Solution

Solution:

Step 1: Understand API key invalidation options
Elasticsearch allows invalidating keys by filters like username.
Step 2: Evaluate options
Call the invalidate API key endpoint with a query filtering by "username" correctly uses the invalidate endpoint with a filter; others are incorrect or inefficient.
Final Answer:
Call the invalidate API key endpoint with a query filtering by "username" -> Option D
Quick Check:
Use filter by username to revoke all keys [OK]

Quick Trick: Use invalidate API with username filter to revoke keys [OK]

Common Mistakes:

MISTAKES

Master "Security" in Elasticsearch

9 interactive learning modes - each teaches the same concept differently

Want More Practice?

15+ quiz questions · All difficulty levels · Free

More Elasticsearch Quizzes