Home Explore Help
Register Sign In
lqb
/
elasticsearch
mirror of https://gitee.com/mirrors/elasticsearch.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: 442fc1f3b6
Branches Tags
elasticsearch
/
docs
/
reference
/
rest-api
/
security
/
change-password.asciidoc

change-password.asciidoc 2.4 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889 
  1. [role="xpack"]
    2. 

  2. [[security-api-change-password]]
    3. 

  3. === Change passwords API
    4. 

  4. ++++
    5. 

  5. <titleabbrev>Change passwords</titleabbrev>
    6. 

  6. ++++
    7. 

  7. 

  8. .New API reference
    9. 

  9. [sidebar]
    10. 

  10. --
    11. 

  11. For the most up-to-date API details, refer to {api-es}/group/endpoint-security[Security APIs].
    12. 

  12. --
    13. 

  13. 

  14. Changes the passwords of users in the native realm and built-in users.
    15. 

  15. 

  16. [[security-api-change-password-request]]
    17. 

  17. ==== {api-request-title}
    18. 

  18. 

  19. `POST /_security/user/_password` +
    20. 

  20. 

  21. `POST /_security/user/<username>/_password`
    22. 

  22. 

  23. 

  24. [[security-api-change-password-prereqs]]
    25. 

  25. ==== {api-prereq-title}
    26. 

  26. 

  27. * Every user can change their own password. Users with the `manage_security`
    28. 

  28. privilege can change passwords of other users.
    29. 

  29. 

  30. [[security-api-change-password-desc]]
    31. 

  31. ==== {api-description-title}
    32. 

  32. 

  33. You can use the <<security-api-put-user,create user API>> to update everything
    34. 

  34. but a user's `username` and `password`. This API changes a user's password.
    35. 

  35. 

  36. For more information about the native realm, see
    37. 

  37. <<realms>> and <<native-realm>>.
    38. 

  38. 

  39. 

  40. [[security-api-change-password-path-params]]
    41. 

  41. ==== {api-path-parms-title}
    42. 

  42. 

  43. `username`::
    44. 

  44.   (Optional, string) The user whose password you want to change. If you do not specify
    45. 

  45.   this parameter, the password is changed for the current user.
    46. 

  46. 

  47. 

  48. [[security-api-change-password-request-body]]
    49. 

  49. ==== {api-request-body-title}
    50. 

  50. 

  51. `password` ::
    52. 

  52. (string) The new password value. Passwords must be at least 6 characters long.
    53. 

  53. +
    54. 

  54. One of `password` or `password_hash` is required.
    55. 

  55. 

  56. `password_hash` ::
    57. 

  57. (string) A _hash_ of the new password value. This must be produced using the
    58. 

  58. same hashing algorithm as has been configured for password storage. For more
    59. 

  59. details, see the explanation of the
    60. 

  60. `xpack.security.authc.password_hashing.algorithm` setting in
    61. 

  61. <<hashing-settings>>.
    62. 

  62. +
    63. 

  63. Using this parameter allows the client to pre-hash the password for
    64. 

  64. performance and/or confidentiality reasons.
    65. 

  65. +
    66. 

  66. The `password` parameter and the `password_hash` parameter cannot be
    67. 

  67. used in the same request.
    68. 

  68. 

  69. 

  70. [[security-api-change-password-example]]
    71. 

  71. ==== {api-examples-title}
    72. 

  72. 

  73. The following example updates the password for the `jacknich` user:
    74. 

  74. 

  75. [source,console]
    76. 

  76. --------------------------------------------------
    77. 

  77. POST /_security/user/jacknich/_password
    78. 

  78. {
    79. 

  79.   "password" : "new-test-password"
    80. 

  80. }
    81. 

  81. --------------------------------------------------
    82. 

  82. // TEST[setup:jacknich_user]
    83. 

  83. 

  84. A successful call returns an empty JSON structure.
    85. 

  85. 

  86. [source,console-result]
    87. 

  87. --------------------------------------------------
    88. 

  88. {}
    89. 

  89. --------------------------------------------------
    90.