WARNING: Version 6.1 of the Elastic Stack has passed its EOL date.
This documentation is no longer being maintained and may be removed. If you are running this version, we strongly advise you to upgrade. For the latest information, see the current release documentation.
The easiest way to manage and authenticate users is with the internal
realm. You can use the REST APIs or Kibana to add and remove users, assign user roles, and
manage user passwords.
Configuring a Native Realmedit
The native realm is added to the realm chain by default. You don’t need to explicitly configure a native realm to manage users through the REST APIs.
When you configure realms in
elasticsearch.yml, only the
realms you specify are used for authentication. To use the
native realm as a fallback, you must include it in the realm chain.
You can, however, configure options for the
native realm in the
xpack.security.authc.realms namespace in
configuring a native realm enables you to set the order in which it appears in
the realm chain, temporary disable the realm, and control its cache options.
To configure a native realm:
Add a realm configuration of type
xpack.security.authc.realmsnamespace. At a minimum, you must set the realm
native. If you are configuring multiple realms, you should also explicitly set the
orderattribute. See Native Realm Settings for all of the options you can set for the
For example, the following snippet shows a
nativerealm configuration that sets the
orderto zero so the realm is checked first:
xpack: security: authc: realms: native1: type: native order: 0
- Restart Elasticsearch.
X-Pack security enables you to easily manage users in Kibana on the Management / Security / Users page.
Alternatively, you can manage users through the
user API. For more
information and examples, see User Management APIs.
To migrate file-based users to the
native realm, use the
Intro to Kibana
ELK for Logs & Metrics