Skills
.Work. You
Rest

api-authz

Official

Secure Kibana API routes.

Software Engineering#authorization#security#api#routing#kibana#privileges
Authorelastic
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill ensures that all API routes within Kibana are properly secured with authorization checks, preventing unauthorized access to sensitive data and functionality.

Core Features & Use Cases

  • Route Security Configuration: Define authorization requirements for API endpoints using requiredPrivileges.
  • Privilege Naming Conventions: Enforces a consistent <operation>_<subject> format for clear and maintainable privilege definitions.
  • Conditional Logic: Enables dynamic route behavior based on user privileges using request.authzResult.
  • Opting Out: Provides mechanisms to safely disable authorization for specific routes when necessary, with clear reasons.
  • Use Case: When developing a new API endpoint that should only be accessible by administrators, you would use this Skill to define the necessary administrative privileges in the route's security configuration.

Quick Start

Configure the '/api/users' route to require the 'admin_users' privilege for access.

Dependency Matrix

Required Modules

None required

Components

references

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: api-authz
Download link: https://github.com/elastic/kibana/archive/main.zip#api-authz

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.