Change passwords Generally available

POST /_security/user/{username}/_password
Api key auth Basic auth Bearer auth

Change the passwords of users in the native realm and built-in users.

Path parameters

  • username string Required

    The user whose password you want to change. If you do not specify this parameter, the password is changed for the current user.

Query parameters

  • refresh string

    If true (the default) then refresh the affected shards to make this operation visible to search, if wait_for then wait for a refresh to make this operation visible to search, if false then do nothing with refreshes.

    Values are true, false, or wait_for.

application/json

Body Required

  • password string
  • password_hash string

    A hash of the new password value. This must be produced using the same hashing algorithm as has been configured for password storage. For more details, see the explanation of the xpack.security.authc.password_hashing.algorithm setting.

Responses

  • 200 application/json
POST /_security/user/{username}/_password 
POST /_security/user/jacknich/_password { "password" : "new-test-password" }
resp = client.security.change_password( username="jacknich", password="new-test-password", )
const response = await client.security.changePassword({ username: "jacknich", password: "new-test-password", });
response = client.security.change_password( username: "jacknich", body: { "password": "new-test-password" } )
$resp = $client->security()->changePassword([ "username" => "jacknich", "body" => [ "password" => "new-test-password", ], ]);
curl -X POST -H "Authorization: ApiKey $ELASTIC_API_KEY" -H "Content-Type: application/json" -d '{"password":"new-test-password"}' "$ELASTICSEARCH_URL/_security/user/jacknich/_password"
Request example
Run `POST /_security/user/jacknich/_password` to update the password for the `jacknich` user. 
{ "password" : "new-test-password" }