elasticsearch/docs/reference/rest-api/security/authenticate.asciidoc

[role="xpack"]
[[security-api-authenticate]]
=== Authenticate API
++++
<titleabbrev>Authenticate</titleabbrev>
++++

.New API reference
[sidebar]
--
For the most up-to-date API details, refer to {api-es}/group/endpoint-security[Security APIs].
--

Enables you to submit a request with a basic auth header to
authenticate a user and retrieve information about the authenticated user.


[[security-api-authenticate-request]]
==== {api-request-title}

`GET /_security/_authenticate`

[[security-api-authenticate-desc]]
==== {api-description-title}

A successful call returns a JSON structure that shows user information such as their username, the roles that are
assigned to the user, any assigned metadata, and information about the realms that authenticated and authorized the user.

[[security-api-authenticate-response-codes]]
==== {api-response-codes-title}

If the user cannot be authenticated, this API returns a 401 status code.

[[security-api-authenticate-example]]
==== {api-examples-title}

To authenticate a user, submit a GET request to the
`/_security/_authenticate` endpoint:

[source,console]
--------------------------------------------------
GET /_security/_authenticate
--------------------------------------------------

The following example output provides information about the "rdeniro" user:

[source,console-result]
--------------------------------------------------
{
  "username": "rdeniro",
  "roles": [
    "admin"
  ],
  "full_name": null,
  "email":  null,
  "metadata": { },
  "enabled": true,
  "authentication_realm": {
    "name" : "file",
    "type" : "file"
  },
  "lookup_realm": {
    "name" : "file",
    "type" : "file"
  },
  "authentication_type": "realm"
}
--------------------------------------------------
// TESTRESPONSE[s/"rdeniro"/"$body.username"/]
// TESTRESPONSE[s/"admin"/"_es_test_root"/]