Create or update users API
editCreate or update users API
editAdds and updates users in the native realm. These users are commonly referred to as native users.
Description
editWhen updating a user, you can update everything but its username
and password
.
To change a user’s password, use the
change password API.
For more information about the native realm, see Realms and Configuring a native realm.
Path Parameters
edit-
username
(required) -
(string) An identifier for the user.
Usernames must be at least 1 and no more than 1024 characters. They can contain alphanumeric characters (
a-z
,A-Z
,0-9
), spaces, punctuation, and printable symbols in the Basic Latin (ASCII) block. Leading or trailing whitespace is not allowed.
Request Body
editThe following parameters can be specified in the body of a POST or PUT request:
-
enabled
-
(boolean) Specifies whether the user is enabled. The default value is
true
. -
email
- (string) The email of the user.
-
full_name
- (string) The full name of the user.
-
metadata
- (object) Arbitrary metadata that you want to associate with the user.
-
password
(required) - (string) The user’s password. Passwords must be at least 6 characters long.
-
roles
(required) -
(list) A set of roles the user has. The roles determine the user’s access
permissions. To create a user without any roles, specify an empty list:
[]
.
Authorization
editTo use this API, you must have at least the manage_security
cluster privilege.
Examples
editThe following example creates a user jacknich
:
POST /_xpack/security/user/jacknich { "password" : "j@rV1s", "roles" : [ "admin", "other_role1" ], "full_name" : "Jack Nicholson", "email" : "jacknich@example.com", "metadata" : { "intelligence" : 7 } }
A successful call returns a JSON structure that shows whether the user has been created or updated.
After you add a user, requests from that user can be authenticated. For example:
curl -u jacknich:j@rV1s http://localhost:9200/_cluster/health