User Operations
Topics
Password Management
For Native Authentication Users:
Administrator Reset:
Select user account
Click Reset Password
Generate temporary password
Send credentials via secure channel
Force password change on next login
Self-Service Reset:
User clicks Forgot Password on login page
Enter username/email
Follow email instructions
Create new password meeting policy requirements
Password Policy Configuration:
Minimum length: 8-20 characters
Complexity: uppercase, lowercase, numbers, symbols
History: 5-10 previous passwords
Expiration: 30-180 days
Lockout: 3-10 failed attempts
Account Management
Account Lockout Recovery:
Navigate to User Management → Locked Accounts
Review lockout reason and timestamp
Verify user identity through alternative channel
Click Unlock Account
Reset password if security incident suspected
Document unlock reason for audit
Temporary Access Grants:
curl -X POST "https://els-console:9200/api/v1/users/john.doe/elevate" \
-H "Authorization: Bearer API_KEY" \
-d '{
"elevated_role": "incident_commander",
"duration_hours": 8,
"justification": "Security incident INC-2024-001",
"auto_revoke": true
}'
API Key Management
Generate API Key:
Navigate to API Management → Generate New Key
Configure:
Name: Descriptive identifier
Scope: Specific permissions
Expiration: 30-365 days
Rate Limits: Requests per minute
IP Restrictions: Allowed source IPs
Key Security:
curl -H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
"https://els-console:9200/api/v1/alerts?status=open"
Rate Limiting Configuration:
Default: 100 requests/minute
Search operations: 10 requests/minute
Data export: 5 requests/hour
Administrative operations: 1000 requests/minute