0
0
ElasticsearchHow-ToBeginner · 3 min read

How to Create User in Elasticsearch: Step-by-Step Guide

To create a user in Elasticsearch, use the PUT /_security/user/{username} API with a JSON body specifying the password and roles. This requires Elasticsearch security features enabled and proper privileges.
📐

Syntax

The syntax to create a user in Elasticsearch uses the PUT HTTP method on the /_security/user/{username} endpoint. You provide a JSON body with the user's password, roles, and optionally full_name and email.

  • username: The name of the user to create.
  • password: The user's password in plain text.
  • roles: Array of roles assigned to the user.
  • full_name (optional): User's full name.
  • email (optional): User's email address.
json
PUT /_security/user/{username}
{
  "password" : "user_password",
  "roles" : [ "role1", "role2" ],
  "full_name" : "User Full Name",
  "email" : "user@example.com"
}
💻

Example

This example creates a user named alice with password secret123 and assigns the built-in superuser role. It demonstrates the full request and expected success response.

json
PUT /_security/user/alice
{
  "password": "secret123",
  "roles": ["superuser"],
  "full_name": "Alice Smith",
  "email": "alice@example.com"
}
Output
{ "created": true }
⚠️

Common Pitfalls

Common mistakes when creating users in Elasticsearch include:

  • Not enabling security features, so the API is unavailable.
  • Using weak or empty passwords.
  • Assigning roles that do not exist or are misspelled.
  • Trying to create users without proper privileges.

Always ensure security is enabled and you have the manage_security privilege.

json
PUT /_security/user/bob
{
  "password": "",
  "roles": ["nonexistent_role"]
}

# Wrong: empty password and invalid role

PUT /_security/user/bob
{
  "password": "strongPass1",
  "roles": ["admin"]
}

# Right: valid password and existing role
📊

Quick Reference

FieldDescriptionExample
usernameName of the user to createalice
passwordUser's password in plain textsecret123
rolesArray of roles assigned to user["superuser"]
full_nameOptional full name of user"Alice Smith"
emailOptional email address"alice@example.com"

Key Takeaways

Use the PUT /_security/user/{username} API with JSON body to create users.
Always enable Elasticsearch security features before managing users.
Assign valid roles and provide a strong password for each user.
You need manage_security privileges to create or modify users.
Check the API response for confirmation that the user was created.

Related by keyword

How to Install Elasticsearch: Step-by-Step GuideGetting StartedHow to Configure Index Lifecycle in Elasticsearch: Step-by-Step GuideIndex SettingsHow to Start Elasticsearch: Quick Guide for BeginnersGetting StartedHow to Boost Field in Elasticsearch: Simple GuideFull Text SearchHow to Search with Synonyms in Elasticsearch: Simple GuideFull Text Search

Up next

What is Ingest Pipeline in Elasticsearch: Explanation and ExampleLogstash vs Ingest Pipeline: Key Differences and When to Use EachHow to Fix Circuit Breaker Exception in ElasticsearchHow to Fix Cluster Red Status in Elasticsearch Quickly

More in Security

How to Enable HTTPS in Elasticsearch SecurelyHow to Enable Security in Elasticsearch: Step-by-Step GuideHow to Set Up Authentication in Elasticsearch QuicklyHow to Use API Key in Elasticsearch for Secure Access