[Entity Store v2] Update docs to comply with OpenAPI Specification (OAS)#262554
Merged
[Entity Store v2] Update docs to comply with OpenAPI Specification (OAS)#262554
Conversation
kubasobon
added
release_note:plugin_api_changes
4 tasks
…ana into document-entity-store-v2-api
Contributor
|
@coderabbitai full review |
Contributor
✅ Actions performedFull review triggered. |
Contributor
📝 WalkthroughWalkthroughThis pull request adds comprehensive OpenAPI documentation and specifications for the Entity Store plugin. It introduces 15+ new API endpoints under ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Warning Review ran into problems🔥 ProblemsGit: Failed to clone repository. Please run the Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@oas_docs/output/kibana.serverless.yaml`:
- Around line 59313-59324: The OpenAPI spec is missing query parameter
declarations for several GET paths referenced in examples; update the path item
operations for GET /entities (add query parameters: entity_types, page,
per_page, sort_field, sort_order), GET /resolution/group (add entity_id), and
GET /status (add include_components) by adding proper parameters entries (in:
query, name, schema/type, required as appropriate, and description) to each
operation (look for the operations named GET /entities, GET /resolution/group,
and GET /status in the YAML) so the examples match the documented spec and
client codegen will include them.
- Around line 59505-59633: The POST and PUT operations for the path
/api/security/entity_store/entities/{entityType} are missing a path parameter
declaration for entityType; add a parameter object to both operations'
parameters array named "entityType" with in: path, required: true, description
(brief), and a schema (type: string) so the path parameter is explicitly defined
for OpenAPI validation and tooling; update the POST and PUT operation blocks
that reference /api/security/entity_store/entities/{entityType} accordingly.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 89ef12ba-0285-4e24-8293-3f5b9ba80f1f
📒 Files selected for processing (44)
.buildkite/scripts/steps/checks/capture_oas_snapshot.sh.buildkite/scripts/steps/code_generation/security_solution_codegen.shoas_docs/output/kibana.serverless.yamloas_docs/output/kibana.yamlx-pack/solutions/security/plugins/entity_store/common/domain/definitions/entity.gen.tsx-pack/solutions/security/plugins/entity_store/common/domain/definitions/entity.schema.yamlx-pack/solutions/security/plugins/entity_store/server/routes/apis/check_privileges.tsx-pack/solutions/security/plugins/entity_store/server/routes/apis/crud/bulk_update.tsx-pack/solutions/security/plugins/entity_store/server/routes/apis/crud/create.tsx-pack/solutions/security/plugins/entity_store/server/routes/apis/crud/delete.tsx-pack/solutions/security/plugins/entity_store/server/routes/apis/crud/get.tsx-pack/solutions/security/plugins/entity_store/server/routes/apis/crud/update.tsx-pack/solutions/security/plugins/entity_store/server/routes/apis/entity_maintainers/get_maintainers.tsx-pack/solutions/security/plugins/entity_store/server/routes/apis/entity_maintainers/init.tsx-pack/solutions/security/plugins/entity_store/server/routes/apis/entity_maintainers/run.tsx-pack/solutions/security/plugins/entity_store/server/routes/apis/entity_maintainers/start.tsx-pack/solutions/security/plugins/entity_store/server/routes/apis/entity_maintainers/stop.tsx-pack/solutions/security/plugins/entity_store/server/routes/apis/examples/entities_bulk_update.yamlx-pack/solutions/security/plugins/entity_store/server/routes/apis/examples/entities_create.yamlx-pack/solutions/security/plugins/entity_store/server/routes/apis/examples/entities_delete.yamlx-pack/solutions/security/plugins/entity_store/server/routes/apis/examples/entities_list.yamlx-pack/solutions/security/plugins/entity_store/server/routes/apis/examples/entities_update.yamlx-pack/solutions/security/plugins/entity_store/server/routes/apis/examples/entity_store_check_privileges.yamlx-pack/solutions/security/plugins/entity_store/server/routes/apis/examples/entity_store_install.yamlx-pack/solutions/security/plugins/entity_store/server/routes/apis/examples/entity_store_start.yamlx-pack/solutions/security/plugins/entity_store/server/routes/apis/examples/entity_store_status.yamlx-pack/solutions/security/plugins/entity_store/server/routes/apis/examples/entity_store_stop.yamlx-pack/solutions/security/plugins/entity_store/server/routes/apis/examples/entity_store_uninstall.yamlx-pack/solutions/security/plugins/entity_store/server/routes/apis/examples/entity_store_update.yamlx-pack/solutions/security/plugins/entity_store/server/routes/apis/examples/resolution_group.yamlx-pack/solutions/security/plugins/entity_store/server/routes/apis/examples/resolution_link.yamlx-pack/solutions/security/plugins/entity_store/server/routes/apis/examples/resolution_unlink.yamlx-pack/solutions/security/plugins/entity_store/server/routes/apis/force_ccs_extract_to_updates.tsx-pack/solutions/security/plugins/entity_store/server/routes/apis/force_history_snapshot.tsx-pack/solutions/security/plugins/entity_store/server/routes/apis/force_log_extraction.tsx-pack/solutions/security/plugins/entity_store/server/routes/apis/install/index.tsx-pack/solutions/security/plugins/entity_store/server/routes/apis/resolution/group.tsx-pack/solutions/security/plugins/entity_store/server/routes/apis/resolution/link.tsx-pack/solutions/security/plugins/entity_store/server/routes/apis/resolution/unlink.tsx-pack/solutions/security/plugins/entity_store/server/routes/apis/start.tsx-pack/solutions/security/plugins/entity_store/server/routes/apis/status.tsx-pack/solutions/security/plugins/entity_store/server/routes/apis/stop.tsx-pack/solutions/security/plugins/entity_store/server/routes/apis/uninstall.tsx-pack/solutions/security/plugins/entity_store/server/routes/apis/update.ts
Comment on lines
+59313
to
+59324
| /api/security/entity_store/entities: | ||
| get: | ||
| description: |- | ||
| **Spaces method and path for this operation:** | ||
|
|
||
| <div><span class="operation-verb get">get</span> <span class="operation-path">/s/{space_id}/api/security/entity_store/entities</span></div> | ||
|
|
||
| Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. | ||
|
|
||
| List entity records from the Entity Store with paging, sorting, and filtering. Supports two modes: page-based pagination (page/per_page) and cursor-based pagination (searchAfter). The two modes cannot be combined.<br/><br/>[Required authorization] Route required privileges: securitySolution. | ||
| operationId: get-security-entity-store-entities | ||
| parameters: [] |
Contributor
There was a problem hiding this comment.
Undocumented query parameters on GET endpoints.
Several GET operations have parameters: [] but curl/Console examples reference query params:
GET /entities:entity_types,page,per_page,sort_field,sort_order(line 59427)GET /resolution/group:entity_id(line 60008)GET /status:include_components(line 60323)
These should be declared for spec completeness and client codegen.
Also applies to: 59933-59944, 60258-60269
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@oas_docs/output/kibana.serverless.yaml` around lines 59313 - 59324, The
OpenAPI spec is missing query parameter declarations for several GET paths
referenced in examples; update the path item operations for GET /entities (add
query parameters: entity_types, page, per_page, sort_field, sort_order), GET
/resolution/group (add entity_id), and GET /status (add include_components) by
adding proper parameters entries (in: query, name, schema/type, required as
appropriate, and description) to each operation (look for the operations named
GET /entities, GET /resolution/group, and GET /status in the YAML) so the
examples match the documented spec and client codegen will include them.
Member
Author
There was a problem hiding this comment.
This is a comment on documentation generated by make api-docs.
The params are indeed missing, but there is a good cause for it. Routes using buildRouteValidationWithZod(), like we do for Entity Store routes, don't get their query/path parameters included in generated OAS docs. The function wraps the Zod schema in a closure, so the OAS generator can't see it, so it returns empty parameters.
This is not unique to our plugin. Claude helped me find examples of other plugins that use buildRouteValidationWithZod and have params in their routes:
- x-pack/platform/plugins/shared/evals/server/routes/datasets/get_dataset.ts
- x-pack/platform/plugins/shared/alerting_v2/server/routes/rules/get_rules_route.ts
- x-pack/solutions/security/plugins/elastic_assistant/
- x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/entity_details/routes/entity_details_highlight.ts
Switching to YAML-first schemas (like v1) isn't practical - v2 routes use runtime Zod features (preprocessing, cross-field validation) that YAML can't express.
Suggested fix: expose the original Zod schema on the function returned by buildRouteValidationWithZod, then unwrap it in the OAS converter before detection.
It's a small change, but requires updating 2 helper packages:
src/platform/packages/shared/kbn-zod-helpers/v4/build_route_validation_with_zod.tsto attach the Zod schema to the returned functionsrc/platform/packages/shared/kbn-router-to-openapispec/src/oas_converter/index.tsto check if the passed object is a function with attached Zod schema
I'd say this is outside of the scope of this ticket. I can raise a PR to fix it for everyone though.
cc: @uri-weisman
Contributor
There was a problem hiding this comment.
Seems like the humans are having a chat. I'll hop back into my burrow for now. If you need me again, just tag @coderabbitai in a new comment, and I'll come hopping out!
Contributor
There was a problem hiding this comment.
Not as part of this PR but you can drop a separate pr to fix it or ping Kibana-core.
Comment on lines
+59505
to
+59633
| /api/security/entity_store/entities/{entityType}: | ||
| post: | ||
| description: |- | ||
| **Spaces method and path for this operation:** | ||
|
|
||
| <div><span class="operation-verb post">post</span> <span class="operation-path">/s/{space_id}/api/security/entity_store/entities/{entityType}</span></div> | ||
|
|
||
| Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. | ||
|
|
||
| Create a new entity record in the Entity Store for the specified entity type.<br/><br/>[Required authorization] Route required privileges: securitySolution. | ||
| operationId: post-security-entity-store-entities-entitytype | ||
| parameters: | ||
| - description: A required header to protect against CSRF attacks | ||
| in: header | ||
| name: kbn-xsrf | ||
| required: true | ||
| schema: | ||
| example: 'true' | ||
| type: string | ||
| requestBody: | ||
| content: | ||
| application/json: | ||
| examples: | ||
| createHostEntityExample: | ||
| description: Create a new host entity record with basic host and entity fields. The entity identifier must match the auto-generated format for the entity type. | ||
| summary: Create a host entity | ||
| value: | ||
| asset: | ||
| business_unit: Engineering | ||
| criticality: high_impact | ||
| environment: production | ||
| entity: | ||
| attributes: | ||
| asset: true | ||
| managed: true | ||
| id: host:web-server-prod-01 | ||
| name: web-server-prod-01 | ||
| source: | ||
| - manual | ||
| type: host | ||
| host: | ||
| hostname: | ||
| - web-server-prod-01.example.com | ||
| ip: | ||
| - 10.0.1.42 | ||
| name: web-server-prod-01 | ||
| schema: {} | ||
| responses: | ||
| '200': | ||
| content: | ||
| application/json: | ||
| examples: | ||
| createSuccessExample: | ||
| description: The entity record was successfully created in the Entity Store. | ||
| summary: Entity created | ||
| value: | ||
| ok: true | ||
| description: Indicates the entity was successfully created. | ||
| '400': | ||
| content: | ||
| application/json: | ||
| examples: | ||
| euidMismatchExample: | ||
| description: The supplied entity identifier does not match the auto-generated identifier derived from the entity fields. | ||
| summary: Entity identifier mismatch | ||
| value: | ||
| error: Bad Request | ||
| message: 'Bad request: Supplied ID my-custom-id does not match generated EUID host:web-server-prod-01' | ||
| statusCode: 400 | ||
| description: Bad request. | ||
| '409': | ||
| content: | ||
| application/json: | ||
| examples: | ||
| conflictExample: | ||
| description: An entity with the specified identifier already exists. | ||
| summary: Entity already exists | ||
| value: | ||
| error: Conflict | ||
| message: Entity ID 'host:web-server-prod-01' already exists | ||
| statusCode: 409 | ||
| description: Conflict. | ||
| summary: Create an entity | ||
| tags: | ||
| - Security Entity Store | ||
| x-codeSamples: | ||
| - lang: curl | ||
| source: | | ||
| curl -X POST -H "kbn-xsrf: true" -H "Authorization: ApiKey ${API_KEY}" \ | ||
| -H "Content-Type: application/json" \ | ||
| -d '{"entity":{"id":"host:web-server-prod-01","name":"web-server-prod-01","type":"host","source":["manual"],"attributes":{"asset":true}},"host":{"name":"web-server-prod-01","ip":["10.0.1.42"]}}' \ | ||
| "${KIBANA_URL}/api/security/entity_store/entities/host" | ||
| - lang: Console | ||
| source: | | ||
| POST kbn://api/security/entity_store/entities/host | ||
| { | ||
| "entity": { | ||
| "id": "host:web-server-prod-01", | ||
| "name": "web-server-prod-01", | ||
| "type": "host", | ||
| "source": ["manual"], | ||
| "attributes": { "asset": true } | ||
| }, | ||
| "host": { | ||
| "name": "web-server-prod-01", | ||
| "ip": ["10.0.1.42"] | ||
| } | ||
| } | ||
| x-metaTags: | ||
| - content: Kibana, Elastic Cloud Serverless | ||
| name: product_name | ||
| put: | ||
| description: |- | ||
| **Spaces method and path for this operation:** | ||
|
|
||
| <div><span class="operation-verb put">put</span> <span class="operation-path">/s/{space_id}/api/security/entity_store/entities/{entityType}</span></div> | ||
|
|
||
| Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. | ||
|
|
||
| Update an existing entity record in the Entity Store. By default only certain fields can be updated. Set the force query parameter to true to update protected fields.<br/><br/>[Required authorization] Route required privileges: securitySolution. | ||
| operationId: put-security-entity-store-entities-entitytype | ||
| parameters: | ||
| - description: A required header to protect against CSRF attacks | ||
| in: header | ||
| name: kbn-xsrf | ||
| required: true | ||
| schema: | ||
| example: 'true' | ||
| type: string |
Contributor
There was a problem hiding this comment.
Missing entityType path parameter declaration.
The path /api/security/entity_store/entities/{entityType} uses {entityType} but neither the POST (line 59516) nor PUT (line 59626) operation declares it in parameters. Per OpenAPI 3.x, path parameters must be explicitly defined with in: path and required: true.
Proposed fix (add to both POST and PUT parameters)
parameters:
+ - description: The entity type (e.g., host, user, service, generic)
+ in: path
+ name: entityType
+ required: true
+ schema:
+ type: string
+ enum:
+ - host
+ - user
+ - service
+ - generic
- description: A required header to protect against CSRF attacks
in: header
name: kbn-xsrf🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@oas_docs/output/kibana.serverless.yaml` around lines 59505 - 59633, The POST
and PUT operations for the path /api/security/entity_store/entities/{entityType}
are missing a path parameter declaration for entityType; add a parameter object
to both operations' parameters array named "entityType" with in: path, required:
true, description (brief), and a schema (type: string) so the path parameter is
explicitly defined for OpenAPI validation and tooling; update the POST and PUT
operation blocks that reference /api/security/entity_store/entities/{entityType}
accordingly.
Contributor
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
gh api repos/elastic/kibana/pulls/262554/comments --jq '.[] | select(.id == 3075623957) | {id: .id, body: .body, user: .user.login}'
Length of output: 1819
@kubasobon, thanks for the thorough explanation! That makes sense — the missing path parameters are a downstream symptom of buildRouteValidationWithZod() wrapping schemas in a closure that the OAS generator can't introspect, and it's a platform-wide gap rather than something fixable in this generated file.
Would you like me to open a follow-up GitHub issue to track the suggested fix (exposing the Zod schema on the returned function in kbn-zod-helpers + unwrapping it in kbn-router-to-openapispec)?
✏️ Learnings added
Learnt from: kubasobon
Repo: elastic/kibana PR: 262554
File: oas_docs/output/kibana.serverless.yaml:59535-59663
Timestamp: 2026-04-13T20:31:44.883Z
Learning: In elastic/kibana, routes using `buildRouteValidationWithZod()` (e.g., Entity Store v2 routes and other plugins) will have their path/query parameters missing from generated OAS docs. This is because the function wraps the Zod schema in a closure that the OAS generator cannot introspect. It is a known platform-wide limitation and should not be flagged as a bug in individual PRs. The proposed fix is to expose the original Zod schema on the returned function in `src/platform/packages/shared/kbn-zod-helpers/v4/build_route_validation_with_zod.ts` and unwrap it in `src/platform/packages/shared/kbn-router-to-openapispec/src/oas_converter/index.ts`.
Note: Learnings are effective only in the context of similar code segments. To apply general coding guidelines, please configure review instructions. You can manage existing learnings in the app.
🧠 Learnings used
Learnt from: abhishekbhatia1710
Repo: elastic/kibana PR: 257046
File: x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/lead_generation/observation_modules/temporal_state_module.ts:95-135
Timestamp: 2026-03-26T08:35:49.327Z
Learning: In `x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/lead_generation/observation_modules/temporal_state_module.ts`, the `fetchPrivilegeEscalations` aggregation intentionally groups by `${entityType}.name` (not a stable entity ID) because pre-V2 Entity Store snapshot indices use the name field as the primary key and may not reliably contain `entity.id`. This is a known limitation to be revisited when snapshot indices are migrated to V2 format with guaranteed EUID/entity.id presence. Do not flag the name-based aggregation key as a bug.
Learnt from: CR
Repo: elastic/kibana PR: 0
File: x-pack/solutions/security/.cursor/rules/bug_validator.mdc:0-0
Timestamp: 2026-03-06T01:30:09.037Z
Learning: Applies to x-pack/solutions/security/plugins/security_solution/server/lib/entity_analytics/**/*.{ts,tsx} : For Security Solution Entity Analytics features (Risk Engine, Risk Scoring, Entity Store, Asset Criticality, Privileged User Monitoring), trace bugs through the specific sub-area code paths: server/lib/entity_analytics/<feature>/ for server logic and public/entity_analytics/ for UI, and cross-reference with the Entity Analytics Sub-areas mapping
jbudz
reviewed
Apr 13, 2026
![macroscopeapp[bot]](https://avatars.githubusercontent.com/in/900172?s=60&v=4){kind=small}
Member
Author
|
@natasha-moore-elastic yes, unfortunately all those elements (body, path, query) are missing due to a bug. I've opened #263354 to fix it. |
natasha-moore-elastic
approved these changes
Apr 17, 2026
uri-weisman
approved these changes
Apr 19, 2026
Contributor
💛 Build succeeded, but was flaky
Failed CI StepsMetrics [docs]Page load bundle
History
cc @kubasobon |
kubasobon
added
backport:version
Contributor
|
Starting backport for target branches: 9.4 https://github.com/elastic/kibana/actions/runs/24659914734 |
Contributor
|
Starting backport for target branches: 9.4 https://github.com/elastic/kibana/actions/runs/24659914733 |
kibanamachine
added a commit
to kibanamachine/kibana
that referenced
this pull request
Apr 20, 2026
…AS) (elastic#262554) ## Summary Updates Entity Store v2 API to be compliant with Kibana's OpenAPI Specification. Adds descriptions, curl commands, happy and error path examples. All `curl` commands and examples were manually tested against a local deployment. Towards elastic#258982 ### Checklist - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md) - [x] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [x] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) - [x] Review the [backport guidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing) and apply applicable `backport:*` labels. --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> (cherry picked from commit 42f9830)
Contributor
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
kibanamachine
added a commit
to kibanamachine/kibana
that referenced
this pull request
Apr 20, 2026
…AS) (elastic#262554) ## Summary Updates Entity Store v2 API to be compliant with Kibana's OpenAPI Specification. Adds descriptions, curl commands, happy and error path examples. All `curl` commands and examples were manually tested against a local deployment. Towards elastic#258982 ### Checklist - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md) - [x] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [x] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) - [x] Review the [backport guidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing) and apply applicable `backport:*` labels. --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> (cherry picked from commit 42f9830)
Contributor
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
kibanamachine
added a commit
that referenced
this pull request
Apr 20, 2026
…ion (OAS) (#262554) (#264356) # Backport This will backport the following commits from `main` to `9.4`: - [[Entity Store v2] Update docs to comply with OpenAPI Specification (OAS) (#262554)](#262554) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Kuba Soboń","email":"wtty.fool@gmail.com"},"sourceCommit":{"committedDate":"2026-04-20T08:13:30Z","message":"[Entity Store v2] Update docs to comply with OpenAPI Specification (OAS) (#262554)\n\n## Summary\n\nUpdates Entity Store v2 API to be compliant with Kibana's OpenAPI\nSpecification. Adds descriptions, curl commands, happy and error path\nexamples. All `curl` commands and examples were manually tested against\na local deployment.\n\nTowards #258982\n\n### Checklist\n\n- [x] Any text added follows [EUI's writing\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\nsentence case text and includes [i18n\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\n- [x]\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\nwas added for features that require explanation or tutorials\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [x] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"42f9830d959987b13f745d349ea083020d2da9a1","branchLabelMapping":{"^v9.5.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:plugin_api_changes","backport:version","v9.4.0","v9.5.0"],"title":"[Entity Store v2] Update docs to comply with OpenAPI Specification (OAS)","number":262554,"url":"https://github.com/elastic/kibana/pull/262554","mergeCommit":{"message":"[Entity Store v2] Update docs to comply with OpenAPI Specification (OAS) (#262554)\n\n## Summary\n\nUpdates Entity Store v2 API to be compliant with Kibana's OpenAPI\nSpecification. Adds descriptions, curl commands, happy and error path\nexamples. All `curl` commands and examples were manually tested against\na local deployment.\n\nTowards #258982\n\n### Checklist\n\n- [x] Any text added follows [EUI's writing\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\nsentence case text and includes [i18n\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\n- [x]\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\nwas added for features that require explanation or tutorials\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [x] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"42f9830d959987b13f745d349ea083020d2da9a1"}},"sourceBranch":"main","suggestedTargetBranches":["9.4"],"targetPullRequestStates":[{"branch":"9.4","label":"v9.4.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.5.0","branchLabelMappingKey":"^v9.5.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/262554","number":262554,"mergeCommit":{"message":"[Entity Store v2] Update docs to comply with OpenAPI Specification (OAS) (#262554)\n\n## Summary\n\nUpdates Entity Store v2 API to be compliant with Kibana's OpenAPI\nSpecification. Adds descriptions, curl commands, happy and error path\nexamples. All `curl` commands and examples were manually tested against\na local deployment.\n\nTowards #258982\n\n### Checklist\n\n- [x] Any text added follows [EUI's writing\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\nsentence case text and includes [i18n\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\n- [x]\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\nwas added for features that require explanation or tutorials\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [x] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"42f9830d959987b13f745d349ea083020d2da9a1"}}]}] BACKPORT--> Co-authored-by: Kuba Soboń <wtty.fool@gmail.com>
tobio
reviewed
Apr 21, 2026
|
|
||
| Create a new entity record in the Entity Store for the specified entity type.<br/><br/>[Required authorization] Route required privileges: securitySolution. | ||
| operationId: post-security-entity-store-entities-entitytype | ||
| parameters: |
Member
There was a problem hiding this comment.
These routes are invalid since the entityType parameter isn't defined here.
@kubasobon any chance you can create a follow up PR to fix up the spec here?
kubasobon
added a commit
that referenced
this pull request
Apr 21, 2026
…RouteValidationWithZod (#263354) ## Summary When working on <#262554> we have discovered both path and query parameters missing from generated OAS docs, despite being defined in the route itself. I have tracked the issue down to `buildRouteValidationWithZod` function obscuring the Zod schema. This PR aims to fix this issue by attaching the original, source schema to the output of `buildRouteValidationWithZod` and adding code to try and unwrap it in the `kbn-router-to-openapispec` code. This has no influence on existing code, other than correctly handling the routes with `buildRouteValidationWithZod`. ### Checklist Check the PR satisfies following conditions. Reviewers should verify this PR satisfies this list as well. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [x] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) - [x] Review the [backport guidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing) and apply applicable `backport:*` labels. --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
kibanamachine
added a commit
to kibanamachine/kibana
that referenced
this pull request
Apr 21, 2026
…RouteValidationWithZod (elastic#263354) ## Summary When working on <elastic#262554> we have discovered both path and query parameters missing from generated OAS docs, despite being defined in the route itself. I have tracked the issue down to `buildRouteValidationWithZod` function obscuring the Zod schema. This PR aims to fix this issue by attaching the original, source schema to the output of `buildRouteValidationWithZod` and adding code to try and unwrap it in the `kbn-router-to-openapispec` code. This has no influence on existing code, other than correctly handling the routes with `buildRouteValidationWithZod`. ### Checklist Check the PR satisfies following conditions. Reviewers should verify this PR satisfies this list as well. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [x] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) - [x] Review the [backport guidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing) and apply applicable `backport:*` labels. --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> (cherry picked from commit f50036c)
kibanamachine
added a commit
that referenced
this pull request
Apr 21, 2026
… buildRouteValidationWithZod (#263354) (#264675) # Backport This will backport the following commits from `main` to `9.4`: - [[Zod Helper][OAS Docs] Fix OAS docs generation for routes using buildRouteValidationWithZod (#263354)](#263354) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Kuba Soboń","email":"wtty.fool@gmail.com"},"sourceCommit":{"committedDate":"2026-04-21T11:41:12Z","message":"[Zod Helper][OAS Docs] Fix OAS docs generation for routes using buildRouteValidationWithZod (#263354)\n\n## Summary\n\nWhen working on <#262554> we have\ndiscovered both path and query parameters missing from generated OAS\ndocs, despite being defined in the route itself. I have tracked the\nissue down to `buildRouteValidationWithZod` function obscuring the Zod\nschema.\n\nThis PR aims to fix this issue by attaching the original, source schema\nto the output of `buildRouteValidationWithZod` and adding code to try\nand unwrap it in the `kbn-router-to-openapispec` code. This has no\ninfluence on existing code, other than correctly handling the routes\nwith `buildRouteValidationWithZod`.\n\n\n### Checklist\n\nCheck the PR satisfies following conditions.\n\nReviewers should verify this PR satisfies this list as well.\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [x] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"f50036c6f1821d5dcf42158e30b3ec611ce94135","branchLabelMapping":{"^v9.5.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["technical debt","release_note:skip","backport:version","v9.4.0","v9.5.0"],"title":"[Zod Helper][OAS Docs] Fix OAS docs generation for routes using buildRouteValidationWithZod","number":263354,"url":"https://github.com/elastic/kibana/pull/263354","mergeCommit":{"message":"[Zod Helper][OAS Docs] Fix OAS docs generation for routes using buildRouteValidationWithZod (#263354)\n\n## Summary\n\nWhen working on <#262554> we have\ndiscovered both path and query parameters missing from generated OAS\ndocs, despite being defined in the route itself. I have tracked the\nissue down to `buildRouteValidationWithZod` function obscuring the Zod\nschema.\n\nThis PR aims to fix this issue by attaching the original, source schema\nto the output of `buildRouteValidationWithZod` and adding code to try\nand unwrap it in the `kbn-router-to-openapispec` code. This has no\ninfluence on existing code, other than correctly handling the routes\nwith `buildRouteValidationWithZod`.\n\n\n### Checklist\n\nCheck the PR satisfies following conditions.\n\nReviewers should verify this PR satisfies this list as well.\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [x] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"f50036c6f1821d5dcf42158e30b3ec611ce94135"}},"sourceBranch":"main","suggestedTargetBranches":["9.4"],"targetPullRequestStates":[{"branch":"9.4","label":"v9.4.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.5.0","branchLabelMappingKey":"^v9.5.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/263354","number":263354,"mergeCommit":{"message":"[Zod Helper][OAS Docs] Fix OAS docs generation for routes using buildRouteValidationWithZod (#263354)\n\n## Summary\n\nWhen working on <#262554> we have\ndiscovered both path and query parameters missing from generated OAS\ndocs, despite being defined in the route itself. I have tracked the\nissue down to `buildRouteValidationWithZod` function obscuring the Zod\nschema.\n\nThis PR aims to fix this issue by attaching the original, source schema\nto the output of `buildRouteValidationWithZod` and adding code to try\nand unwrap it in the `kbn-router-to-openapispec` code. This has no\ninfluence on existing code, other than correctly handling the routes\nwith `buildRouteValidationWithZod`.\n\n\n### Checklist\n\nCheck the PR satisfies following conditions.\n\nReviewers should verify this PR satisfies this list as well.\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [x] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"f50036c6f1821d5dcf42158e30b3ec611ce94135"}}]}] BACKPORT--> Co-authored-by: Kuba Soboń <wtty.fool@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
9 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Updates Entity Store v2 API to be compliant with Kibana's OpenAPI Specification. Adds descriptions, curl commands, happy and error path examples. All
curlcommands and examples were manually tested against a local deployment.Towards #258982
Checklist
release_note:*label is applied per the guidelinesbackport:*labels.