# Find API keys with a query


**POST /_security/_query/api_key**

**All methods and paths for this operation:**

<div>
                      <span class="operation-verb get">GET</span>
                      <span class="operation-path">/_security/_query/api_key</span>
                      </div>
                    <div>
                      <span class="operation-verb post">POST</span>
                      <span class="operation-path">/_security/_query/api_key</span>
                      </div>
                    

Get a paginated list of API keys and their information.
You can optionally filter the results with a query.

To use this API, you must have at least the `manage_own_api_key` or the `read_security` cluster privileges.
If you have only the `manage_own_api_key` privilege, this API returns only the API keys that you own.
If you have the `read_security`, `manage_api_key`, or greater privileges (including `manage_security`), this API returns all API keys regardless of ownership.
Refer to the linked documentation for examples of how to find API keys:

## Required authorization

* Cluster privileges: `manage_own_api_key`,`read_security`


[External documentation](https://www.elastic.co/docs/reference/elasticsearch/rest-apis/query-api-keys)

## Servers
- http://api.example.com: http://api.example.com ()


## Authentication methods
- Api key auth


## Parameters


#### Query parameters
- **with_limited_by** (boolean)
  Return the snapshot of the owner user's role descriptors associated with the API key.
An API key's actual permission is the intersection of its assigned role descriptors and the owner user's role descriptors (effectively limited by it).
An API key cannot retrieve any API key’s limited-by role descriptors (including itself) unless it has `manage_api_key` or higher privileges.
- **with_profile_uid** (boolean)
  Determines whether to also retrieve the profile UID for the API key owner principal.
If it exists, the profile UID is returned under the `profile_uid` response field for each API key.
- **typed_keys** (boolean)
  Determines whether aggregation names are prefixed by their respective types in the response.

## Body parameters
Content-type: application/json

- **aggregations** (object)
  Any aggregations to run over the corpus of returned API keys.
Aggregations and queries work together. Aggregations are computed only on the API keys that match the query.
This supports only a subset of aggregation types, namely: `terms`, `range`, `date_range`, `missing`,
`cardinality`, `value_count`, `composite`, `filter`, and `filters`.
Additionally, aggregations only run over the same subset of fields that query works with.
- **query** (object)
  A query to filter which API keys to return.
If the query parameter is missing, it is equivalent to a `match_all` query.
The query supports a subset of query types, including `match_all`, `bool`, `term`, `terms`, `match`,
`ids`, `prefix`, `wildcard`, `exists`, `range`, and `simple_query_string`.
You can query the following public information associated with an API key: `id`, `type`, `name`,
`creation`, `expiration`, `invalidated`, `invalidation`, `username`, `realm`, and `metadata`.

NOTE: The queryable string values associated with API keys are internally mapped as keywords.
Consequently, if no `analyzer` parameter is specified for a `match` query, then the provided match query string is interpreted as a single keyword value.
Such a match query is hence equivalent to a `term` query.
- **from** (number)
  The starting document offset.
It must not be negative.
By default, you cannot page through more than 10,000 hits using the `from` and `size` parameters.
To page through more hits, use the `search_after` parameter.
- **sort** (string | object | array[string | object])
  The sort definition.
Other than `id`, all public fields of an API key are eligible for sorting.
In addition, sort can also be applied to the `_doc` field to sort by index order.
- **size** (number)
  The number of hits to return.
It must not be negative.
The `size` parameter can be set to `0`, in which case no API key matches are returned, only the aggregation results.
By default, you cannot page through more than 10,000 hits using the `from` and `size` parameters.
To page through more hits, use the `search_after` parameter.
- **search_after** (array[number | string | boolean | null])
  The search after definition.

## Responses
### 200: 

#### Body Parameters: application/json (object)
- **total** (number)
  The total number of API keys found.
- **count** (number)
  The number of API keys returned in the response.
- **api_keys** (array[object])
  A list of API key information.
- **aggregations** (object)
  The aggregations result, if requested.


[Powered by Bump.sh](https://bump.sh)