0
0
ElasticsearchHow-ToBeginner · 4 min read

How to Set Up Authentication in Elasticsearch Quickly

To set up authentication in Elasticsearch, enable the built-in security features by configuring xpack.security.enabled: true in the elasticsearch.yml file. Then, create users and assign roles using the elasticsearch-users tool or the Security API to control access.
📐

Syntax

Authentication setup in Elasticsearch mainly involves enabling security and managing users and roles.

  • xpack.security.enabled: true — turns on security features including authentication.
  • elasticsearch-users command — used to add, delete, or modify users.
  • Security API endpoints — allow programmatic user and role management.
bash / json
## Enable security in elasticsearch.yml
xpack.security.enabled: true

## Add a user with the command line tool
elasticsearch-users useradd <username> -p <password> -r <role>

## Example API call to create a user
PUT /_security/user/<username>
{
  "password" : "<password>",
  "roles" : ["<role>"]
}
💻

Example

This example shows how to enable authentication, create a user, and test login.

bash
# Step 1: Enable security in elasticsearch.yml
xpack.security.enabled: true

# Step 2: Restart Elasticsearch to apply changes

# Step 3: Create a user with the built-in tool
elasticsearch-users useradd alice -p alicepassword -r superuser

# Step 4: Test authentication with curl
curl -u alice:alicepassword -X GET "localhost:9200/_security/_authenticate"
Output
{ "username" : "alice", "roles" : [ "superuser" ], "full_name" : null, "email" : null, "metadata" : { }, "enabled" : true }
⚠️

Common Pitfalls

  • Forgetting to restart Elasticsearch after enabling xpack.security.enabled causes authentication to not work.
  • Not setting passwords for built-in users leads to login failures.
  • Using the wrong roles or missing role assignments prevents access to APIs.
  • Trying to use authentication without a license that supports security features (for older versions).
yaml
# Wrong: Not enabling security
# elasticsearch.yml
xpack.security.enabled: false

# Right: Enable security
xpack.security.enabled: true
📊

Quick Reference

StepCommand / SettingDescription
1xpack.security.enabled: trueEnable security features in elasticsearch.yml
2elasticsearch-users useradd -p -r Create a user with password and role
3curl -u : GET /_security/_authenticateTest authentication
4Assign roles carefullyEnsure users have correct permissions

Key Takeaways

Enable security by setting xpack.security.enabled to true in elasticsearch.yml.
Create users with passwords and assign roles using elasticsearch-users or Security API.
Restart Elasticsearch after configuration changes to activate authentication.
Test authentication with the _security/_authenticate API endpoint.
Avoid common mistakes like missing passwords or roles to ensure access.

Related by keyword

How to Bulk Index Documents in Elasticsearch QuicklyIndex and DocumentsHow to Create Index Alias in Elasticsearch QuicklyIndex and DocumentsHow to Create an Index in Elasticsearch Quickly and EasilyIndex and DocumentsHow to Delete an Index in Elasticsearch Quickly and SafelyIndex and DocumentsHow to List All Indexes in Elasticsearch QuicklyIndex and Documents

Up next

What is Ingest Pipeline in Elasticsearch: Explanation and ExampleLogstash vs Ingest Pipeline: Key Differences and When to Use EachHow to Fix Circuit Breaker Exception in ElasticsearchHow to Fix Cluster Red Status in Elasticsearch Quickly

More in Security

How to Create User in Elasticsearch: Step-by-Step GuideHow to Enable HTTPS in Elasticsearch SecurelyHow to Enable Security in Elasticsearch: Step-by-Step GuideHow to Use API Key in Elasticsearch for Secure Access