WARNING: Version 5.4 of the Elastic Stack has passed its EOL date.
This documentation is no longer being maintained and may be removed. If you are running this version, we strongly advise you to upgrade. For the latest information, see the current release documentation.
Incoming requests are considered to be anonymous if no authentication token
can be extracted from the incoming request. By default, anonymous requests are rejected and an authentication error is returned (status code
To enable anonymous access, you assign one or more roles to anonymous
users in the
elasticsearch.yml configuration file. For example, the following
configuration assigns anonymous users
The username/principal of the anonymous user. Defaults to
The roles to associate with the anonymous user. If no roles are specified, anonymous access is disabled—anonymous requests will be rejected and return an authentication error.