Change passwords API

edit

Changes the passwords of users in the native realm and built-in users.

Request

edit

POST /_security/user/_password

POST /_security/user/<username>/_password

Prerequisites

edit
  • Every user can change their own password. Users with the manage_security privilege can change passwords of other users.

Description

edit

You can use the create user API to update everything but a user’s username and password. This API changes a user’s password.

For more information about the native realm, see Realms and Native user authentication.

Path parameters

edit
username
(Optional, string) The user whose password you want to change. If you do not specify this parameter, the password is changed for the current user.

Request body

edit
password
(Required, string) The new password value.

Examples

edit

The following example updates the password for the jacknich user:

POST /_security/user/jacknich/_password
{
  "password" : "s3cr3t"
}

A successful call returns an empty JSON structure.

{}