Change passwords

POST /_security/user/_password
Api key auth Basic auth Bearer auth

Change the passwords of users in the native realm and built-in users.

Query parameters

  • refresh string

    If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes.

    Values are true, false, or wait_for.

application/json

Body Required

  • password string
  • password_hash string

    A hash of the new password value. This must be produced using the same hashing algorithm as has been configured for password storage. For more details, see the explanation of the xpack.security.authc.password_hashing.algorithm setting.

Responses

POST /_security/user/_password 
curl \
 --request POST http://api.example.com/_security/user/_password \
 --header "Authorization: $API_KEY" \
 --header "Content-Type: application/json" \
 --data '{"password":"string","password_hash":"string"}'
Request examples 
{
  "password": "string",
  "password_hash": "string"
}
Response examples (200) 
{}