Authenticate APIedit

The Authenticate API enables you to submit a request with a basic auth header to authenticate a user and retrieve information about the authenticated user.


GET _xpack/security/_authenticate


A successful call returns a JSON structure that shows what roles are assigned to the user as well as any assigned metadata.

If the user cannot be authenticated, this API returns a 401 status code.


To authenticate a user, submit a GET request to the _xpack/security/_authenticate endpoint:

GET _xpack/security/_authenticate

The following example output provides information about the "rdeniro" user:

  "username": "rdeniro",
  "roles": [
  "full_name": null,
  "email":  null,
  "metadata": { },
  "enabled": true