Security API

  • reference
    +
    The REST API supports all aspects of Couchbase-Server security

    APIs in this Section

    The Security REST API provides the endpoints for general security, for authentication, and for authorization. For a list of the endpoints, see the tables below.

    General Security

    HTTP Method URI Documented at

    GET

    ./whoami

    Who Am I?

    GET

    /settings/audit

    Configure Auditing

    POST

    /settings/audit

    Configure Auditing

    GET

    /settings/audit/descriptors

    Configure Auditing

    GET

    /settings/security

    Restrict Node-Addition

    POST

    /settings/security

    Restrict Node-Addition

    POST

    /clusterInit

    Initialize a Cluster

    GET

    /settings/security/[service-name]

    Configure On-the-Wire Security

    POST

    /settings/security/[service-name]

    Configure On-the-Wire Security

    POST

    /node/controller/rotateInternalCredentials

    Rotate Internal Credentials

    GET

    /settings/security/responseHeaders

    Configure HSTS

    POST

    /settings/security/responseHeaders

    Configure HSTS

    DELETE

    /settings/security/responseHeaders

    Configure HSTS

    Authentication

    HTTP Method URI Documented at

    GET

    /settings/ldap

    Configure LDAP

    POST

    /settings/ldap

    Configure LDAP

    GET

    /settings/saml

    Configure SAML

    POST

    /settings/saml

    Configure SAML

    GET

    /settings/saslauthdAuth

    Configure saslauthd

    POST

    /settings/saslauthdAuth

    Configure saslauthd

    GET

    /settings/passwordPolicy

    Set Password Policy

    POST

    /settings/passwordPolicy

    Set Password Policy

    POST

    /controller/changePassword

    Change Password

    POST

    /node/controller/loadTrustedCAs

    Load Root Certificates

    GET

    /node/controller/loadTrustedCAs

    Get Root Certificates

    DELETE

    /pools/default/trustedCAs/<id>

    Delete Root Certificates

    GET

    /pools/default/certificates

    Retrieve All Node Certificates

    POST

    /node/controller/reloadCertificate

    Upload and Retrieve Node Certificates

    GET

    /pools/default/certificate/node/<ip-address-or-domain-name>

    Upload and Retrieve Node Certificates

    POST

    /controller/regenerateCertificate

    Regenerate All Certificates

    Authorization

    HTTP Method URI Documented at

    GET

    /settings/rbac/roles

    List Roles

    GET

    /settings/rbac/users

    List Current Users and Their Roles

    POST

    /pools/default/checkPermissions

    Check Permissions

    GET

    /settings/rbac/groups

    List Currently Defined Groups

    PUT

    /settings/rbac/users/local/<new-username>

    Create a Local User

    PATCH

    /settings/rbac/users/local/<existing-username>

    Create a Local User

    PUT

    /settings/rbac/users/local/<new-username>

    Create an External User

    PUT

    /settings/rbac/groups/<new-groupname>

    Create a Group

    DELETE

    /settings/rbac/users/local/<local-username>

    Delete Users and Groups

    DELETE

    /settings/rbac/users/external/<external-username>

    Delete Users and Groups

    DELETE

    /settings/rbac/groups/<groupname>

    Delete Users and Groups

    System Secrets

    HTTP Method URI Documented at

    GET

    /nodes/self/secretsManagement

    Configuring System Secrets

    POST

    /node/controller/secretsManagement

    Configuring System Secrets

    POST

    /node/controller/changeMasterPassword

    Changing the Master Password

    POST

    /node/controller/rotateDataKey

    Rotating the Data Key