Get Security Configuration API
Introduced 1.0
The Get Security Configuration API retrieves the current security configuration. This configuration includes authentication domains and other security-related configurations.
Endpoints
GET /_plugins/_security/api/securityconfig
Example request
GET /_plugins/_security/api/securityconfigresponse = client.security.get_configuration()Example response
{
"config": {
"dynamic": {
"authc": {
"basic_internal_auth_domain": {
"http_enabled": true,
"transport_enabled": true,
"order": 0,
"http_authenticator": {
"challenge": true,
"type": "basic",
"config": {}
},
"authentication_backend": {
"type": "internal",
"config": {}
}
}
},
"authz": {
"roles_from_myldap": {
"http_enabled": true,
"transport_enabled": true,
"authorization_backend": {
"type": "ldap",
"config": {
"roles_search_filter": "(uniqueMember={0})",
"host": "ldap.example.com",
"port": 389
}
}
}
},
"multi_rolespan_enabled": true,
"hosts_resolver_mode": "ip-only",
"do_not_fail_on_forbidden": false
}
}
}
Response body fields
The response body is a JSON object with the following fields.
| Property | Data type | Description |
|---|---|---|
config | Object | The root object containing the security configuration. |
Response body fields: config
config is a JSON object that contains the following fields.
| Property | Data type | Description |
|---|---|---|
dynamic | Object | The main configuration object containing all security configuration settings. Includes authentication domains (authc), authorization settings (authz), and various security behaviors. |