- Shield Reference for 2.x and 1.x:
- Introduction
- Getting Started with Shield
- Installing Shield
- How Shield Works
- User Authentication
- How Authentication Works
- Enabling Anonymous Access [1.1.0] Added in 1.1.0.
- Native User Authentication
- LDAP User Authentication
- Active Directory User Authentication
- PKI User Authentication [1.3.0] Added in 1.3.0.
- File-based User Authentication
- Integrating with Other Authentication Systems
- Controlling the User Cache
- Role-based Access Control
- Auditing Security Events
- Securing Communications with Encryption and IP Filtering
- Configuring Clients and Integrations
- Managing Your License
- Example Shield Deployments
- Reference
- Limitations
- Troubleshooting
- Setting Up a Certificate Authority
- Release Notes
From version 5.0 onward, Shield is part of X-Pack. For more information, see
Securing the Elastic Stack.
Using Elasticsearch HTTP/REST Clients with Shield
editUsing Elasticsearch HTTP/REST Clients with Shield
editElasticsearch works with standard HTTP basic authentication headers to identify the requester. Since Elasticsearch is stateless, this header must be sent with every request:
Client examples
editThis example uses curl without basic auth to create an index:
curl -XPUT 'localhost:9200/idx'
{ "error": "AuthenticationException[Missing authentication token]", "status": 401 }
Since no user is associated with the request above, an authentication error is returned. Now we’ll use curl with
basic auth to create an index as the rdeniro user:
curl --user rdeniro:taxidriver -XPUT 'localhost:9200/idx'
{ "acknowledged": true }
Client Libraries over HTTP
editFor more information about how to use Shield with the language specific clients please refer to Ruby, Python, Perl, PHP, .NET, Javascript
On this page
Was this helpful?
Thank you for your feedback.