- Legacy APM Server Reference:
- Overview
- Get started
- Set up
- How-to guides
- Configure
- Secure
- Monitor
- API
- Explore data in Elasticsearch
- Exported fields
- APM Application Metrics fields
- APM Error fields
- APM Profile fields
- APM Sourcemap fields
- APM Span fields
- APM Span Metrics fields
- APM Transaction fields
- APM Transaction Metrics fields
- APM Transaction Metrics fields
- Beat fields
- Cloud provider metadata fields
- Docker fields
- ECS fields
- Host fields
- Kubernetes fields
- Process fields
- System Metrics fields
- Troubleshoot
- Upgrade
- Release notes
- APM Server version 7.15
- APM Server version 7.14
- APM Server version 7.13
- APM Server version 7.12
- APM Server version 7.11
- APM Server version 7.10
- APM Server version 7.9
- APM Server version 7.8
- APM Server version 7.7
- APM Server version 7.6
- APM Server version 7.5
- APM Server version 7.4
- APM Server version 7.3
- APM Server version 7.2
- APM Server version 7.1
- APM Server version 7.0
- APM Server version 6.8
- APM Server version 6.7
- APM Server version 6.6
- APM Server version 6.5
- APM Server version 6.4
- APM Server version 6.3
- APM Server version 6.2
- APM Server version 6.1
- APM integration (Elastic Agent)
Secure communication with APM agents
editSecure communication with APM agents
editCommunication between APM agents and Elastic Agent can be both encrypted and authenticated. It is strongly recommended to use both TLS encryption and authentication as secrets are sent as plain text.
As soon as an authenticated communication is enabled, requests without a valid token or API key will be denied. If both API keys and a secret token are enabled, APM agents can choose whichever mechanism they support.
In some use-cases, like when an APM agent is running on the client side, authentication is not possible. See Anonymous authentication for more information.
Was this helpful?
Thank you for your feedback.