Blog

Creating and Managing Users in Elasticsearch

This article dives into creating and managing users in Elasticsearch, focusing on the built-in functionality provided by the security features.

Basics
JG
By: Jessica Garson

On

Introduction

Elasticsearch, a robust and flexible search and analytics engine, provides a comprehensive security model for managing users. This article will delve into creating and managing users in Elasticsearch, focusing on the built-in functionality provided by the security features.

Understanding Elasticsearch User Management

Elasticsearch’s security features allow you to easily manage users and their roles. Users in Elasticsearch are entities that can authenticate (to ensure that they are who they say they are) and are authorized (have the needed permissions to perform certain actions). The process of creating a user involves defining the user’s credentials and assigning appropriate roles.

Creating a User in Elasticsearch

Creating a user in Elasticsearch involves using the Elasticsearch create user API. Here is a step-by-step guide on how to create a user:

  1. Access the Elasticsearch API: You can access the Elasticsearch API through the command line using a tool like curl or through Kibana Dev Tools.
  2. Use the Create User API: The Create User API is a POST request to the _security/user/<username> endpoint. Replace <username> with the desired username.
  3. Define User Credentials: In the body of the POST request, define the user’s credentials. This includes the password field and optionally the roles field. The roles field defines what actions the user can perform in Elasticsearch.

Here is an example of a Create User API request:

POST _security/user/jdoe
{
 "password" : "jdoe_password",
 "roles" : [ "admin", "other_role1" ],
 "full_name" : "John Doe",
 "email" : "john.doe@example.com",
 "metadata" : {
   "intelligence" : 7
 },
 "enabled": true
}

In this example, a user named jdoe is created with the password jdoe_password. The user is assigned two roles, admin and other_role1 (the assigned roles must exist before creating the user), and additional information is provided in the full_name, email, and metadata fields.

Managing Users in Elasticsearch

Once a user is created, you can manage the user through the Elasticsearch API. This includes changing a user’s password, updating a user’s roles, and disabling a user.

To change a user’s password, use the Change Password API. This is a PUT request to the _security/user/<username>/_password endpoint. In the body of the request, provide the new password as shown below:

POST /_security/user/jdoe/_password
{
 "password" : "new_jdoe_password"
}

To update a user’s roles, use the Update User API. This is a PUT request to the _security/user/<username> endpoint. In the body of the request, provide the updated roles as shown below:

PUT /_security/user/jdoe
{
 "roles" : [ "admin", "other_role1", "other_role2" ]
}

To disable a user, use the Disable User API as shown below:

PUT /_security/user/jdoe/_disable

Finally, the re-enable a disabled user, use the Enable User API:

PUT /_security/user/jdoe/_enable

Conclusion

In conclusion, Elasticsearch provides a comprehensive and flexible user management system. By understanding how to create and manage users, you can effectively control who has access to your Elasticsearch data and what actions they can perform.

Ready to try this out on your own? Start a free trial.

Want to get Elastic certified? Find out when the next Elasticsearch Engineer training is running!

Related content

Running cloud-native Elasticsearch with ECK
Basics

September 5, 2025

Running cloud-native Elasticsearch with ECK

Learn how to provision a GKE cluster with Terraform and run the Elastic Stack on Kubernetes using ECK.

ER
By: Eva Ramon
Using UBI in Elasticsearch: Creating an app with UBI and search-ui
BasicsOperations

September 1, 2025

Using UBI in Elasticsearch: Creating an app with UBI and search-ui

Learn how to use UBI in Elasticsearch through a practical example. We’ll be creating an application that produces UBI events on search and click results.

EMAD
By: Eduard Martin and Alexander Dávila
Failure store: see what didn’t make it
Basics

August 13, 2025

Failure store: see what didn’t make it

Learn about failure store, a new feature in the Elastic Stack that captures and indexes previously lost events.

JBGH
By: James Baiera and Graham Hudgins
Elasticsearch shards and replicas: A practical guide
Basics

August 14, 2025

Elasticsearch shards and replicas: A practical guide

Master the concepts of Elasticsearch shards and replicas and learn how to optimize them.

PP
By: Piotr Przybyl
Working with your App Search data in a post Enterprise Search world
Basics

August 4, 2025

Working with your App Search data in a post Enterprise Search world

With Enterprise Search decommissioned in the Elastic Stack version 9, you can still work with your existing App Search data—we’ll show you how.

MH
By: Mark Hoy

Ready to build state of the art search experiences?

Sufficiently advanced search isn’t achieved with the efforts of one. Elasticsearch is powered by data scientists, ML ops, engineers, and many more who are just as passionate about search as your are. Let’s connect and work together to build the magical search experience that will get you the results you want.

Try it yourself