Change passwords

POST /_security/user/_password

Change the passwords of users in the native realm and built-in users.

Query parameters

  • refresh string

    If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes.

    Values are true, false, or wait_for.

application/json

Body Required

  • password string
  • A hash of the new password value. This must be produced using the same hashing algorithm as has been configured for password storage. For more details, see the explanation of the xpack.security.authc.password_hashing.algorithm setting.

Responses

  • 200 application/json

    Additional properties are allowed.

POST /_security/user/_password
curl \
 -X POST http://api.example.com/_security/user/_password \
 -H "Content-Type: application/json" \
 -d '{"password":"string","password_hash":"string"}'
Request examples
{
  "password": "string",
  "password_hash": "string"
}
Response examples (200)
{}