{
  "id": "elasticsearch/missing-authentication-credentials",
  "signature": "ElasticsearchSecurityException: missing authentication credentials [global]",
  "signature_zh": "ElasticsearchSecurityException: 缺少身份验证凭据 [全局]",
  "regex": "ElasticsearchSecurityException: missing authentication credentials \\[.*\\]",
  "domain": "elasticsearch",
  "category": "auth_error",
  "subcategory": null,
  "root_cause": "A request to Elasticsearch lacks required authentication credentials, often due to missing API key or token.",
  "root_cause_type": "generic",
  "root_cause_zh": "对 Elasticsearch 的请求缺少必要的身份验证凭据，通常是由于缺少 API 密钥或令牌。",
  "versions": [
    {
      "version": "7.17.0",
      "introduced": null,
      "deprecated": null,
      "removed": null,
      "behavior_change": null,
      "status": "active"
    },
    {
      "version": "8.10.0",
      "introduced": null,
      "deprecated": null,
      "removed": null,
      "behavior_change": null,
      "status": "active"
    },
    {
      "version": "8.14.0",
      "introduced": null,
      "deprecated": null,
      "removed": null,
      "behavior_change": null,
      "status": "active"
    }
  ],
  "os_specific": {},
  "dead_ends": [
    {
      "action": "",
      "why_fails": "Disabling security exposes the cluster to unauthorized access and is not a proper fix.",
      "fail_rate": 0.7,
      "condition": "",
      "sources": []
    },
    {
      "action": "",
      "why_fails": "Restarting does not provide the missing credentials; the error will recur.",
      "fail_rate": 0.95,
      "condition": "",
      "sources": []
    },
    {
      "action": "",
      "why_fails": "The client still uses old credentials, causing authentication failure.",
      "fail_rate": 0.9,
      "condition": "",
      "sources": []
    }
  ],
  "workarounds": [
    {
      "action": "Generate a new API key via Kibana or the `POST /_security/api_key` endpoint and include it in the `Authorization` header: `Authorization: ApiKey <base64-encoded-key>`.",
      "success_rate": 0.95,
      "how": "Generate a new API key via Kibana or the `POST /_security/api_key` endpoint and include it in the `Authorization` header: `Authorization: ApiKey <base64-encoded-key>`.",
      "condition": "",
      "sources": []
    },
    {
      "action": "Use a valid username and password in the request: `curl -u username:password https://localhost:9200/_cluster/health`.",
      "success_rate": 0.9,
      "how": "Use a valid username and password in the request: `curl -u username:password https://localhost:9200/_cluster/health`.",
      "condition": "",
      "sources": []
    },
    {
      "action": "Configure the client with a service account token: `PUT _security/service/elastic/kibana/credential/token` and use it in requests.",
      "success_rate": 0.92,
      "how": "Configure the client with a service account token: `PUT _security/service/elastic/kibana/credential/token` and use it in requests.",
      "condition": "",
      "sources": []
    }
  ],
  "workarounds_zh": [
    "通过 Kibana 或 `POST /_security/api_key` 端点生成新的 API 密钥，并将其包含在 `Authorization` 头中：`Authorization: ApiKey <base64编码的密钥>`。",
    "在请求中使用有效的用户名和密码：`curl -u username:password https://localhost:9200/_cluster/health`。",
    "使用服务账户令牌配置客户端：`PUT _security/service/elastic/kibana/credential/token`，并在请求中使用。"
  ],
  "transition_graph": {
    "leads_to": [],
    "preceded_by": [],
    "frequently_confused_with": []
  },
  "official_doc_url": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-authenticate.html",
  "official_doc_section": null,
  "error_code": null,
  "verification_tier": "ai_generated",
  "confidence": 0.87,
  "fix_success_rate": 0.95,
  "resolvable": "true",
  "first_seen": "2023-11-20",
  "last_confirmed": "2024-06-01",
  "last_updated": "2024-06-01",
  "evidence_count": 1,
  "tags": [],
  "locale": "en",
  "aliases": []
}