Home Explore Help
Sign In
lqb
/
elasticsearch
mirror of https://gitee.com/mirrors/elasticsearch.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: 2d4a49af53
Branches Tags
elasticsearch
/
docs
/
reference
/
rest-api
/
security
/
change-password.asciidoc

change-password.asciidoc 2.3 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283 
  1. [role="xpack"]
    2. 

  2. [[security-api-change-password]]
    3. 

  3. === Change passwords API
    4. 

  4. ++++
    5. 

  5. <titleabbrev>Change passwords</titleabbrev>
    6. 

  6. ++++
    7. 

  7. 

  8. Changes the passwords of users in the native realm and built-in users.
    9. 

  9. 

  10. [[security-api-change-password-request]]
    11. 

  11. ==== {api-request-title}
    12. 

  12. 

  13. `POST /_security/user/_password` +
    14. 

  14. 

  15. `POST /_security/user/<username>/_password`
    16. 

  16. 

  17. 

  18. [[security-api-change-password-prereqs]]
    19. 

  19. ==== {api-prereq-title}
    20. 

  20. 

  21. * Every user can change their own password. Users with the `manage_security`
    22. 

  22. privilege can change passwords of other users.
    23. 

  23. 

  24. [[security-api-change-password-desc]]
    25. 

  25. ==== {api-description-title}
    26. 

  26. 

  27. You can use the <<security-api-put-user,create user API>> to update everything
    28. 

  28. but a user's `username` and `password`. This API changes a user's password.
    29. 

  29. 

  30. For more information about the native realm, see
    31. 

  31. <<realms>> and <<native-realm>>.
    32. 

  32. 

  33. 

  34. [[security-api-change-password-path-params]]
    35. 

  35. ==== {api-path-parms-title}
    36. 

  36. 

  37. `username`::
    38. 

  38.   (Optional, string) The user whose password you want to change. If you do not specify
    39. 

  39.   this parameter, the password is changed for the current user.
    40. 

  40. 

  41. 

  42. [[security-api-change-password-request-body]]
    43. 

  43. ==== {api-request-body-title}
    44. 

  44. 

  45. `password` ::
    46. 

  46. (string) The new password value. Passwords must be at least 6 characters long.
    47. 

  47. +
    48. 

  48. One of `password` or `password_hash` is required.
    49. 

  49. 

  50. `password_hash` ::
    51. 

  51. (string) A _hash_ of the new password value. This must be produced using the
    52. 

  52. same hashing algorithm as has been configured for password storage. For more
    53. 

  53. details, see the explanation of the
    54. 

  54. `xpack.security.authc.password_hashing.algorithm` setting in
    55. 

  55. <<hashing-settings>>.
    56. 

  56. +
    57. 

  57. Using this parameter allows the client to pre-hash the password for
    58. 

  58. performance and/or confidentiality reasons.
    59. 

  59. +
    60. 

  60. The `password` parameter and the `password_hash` parameter cannot be
    61. 

  61. used in the same request.
    62. 

  62. 

  63. 

  64. [[security-api-change-password-example]]
    65. 

  65. ==== {api-examples-title}
    66. 

  66. 

  67. The following example updates the password for the `jacknich` user:
    68. 

  68. 

  69. [source,console]
    70. 

  70. --------------------------------------------------
    71. 

  71. POST /_security/user/jacknich/_password
    72. 

  72. {
    73. 

  73.   "password" : "new-test-password"
    74. 

  74. }
    75. 

  75. --------------------------------------------------
    76. 

  76. // TEST[setup:jacknich_user]
    77. 

  77. 

  78. A successful call returns an empty JSON structure.
    79. 

  79. 

  80. [source,console-result]
    81. 

  81. --------------------------------------------------
    82. 

  82. {}
    83. 

  83. --------------------------------------------------
    84.