elasticsearch/docs/reference/rest-api/security/get-builtin-privileges.asciidoc

[role="xpack"]
[[security-api-get-builtin-privileges]]
=== Get builtin privileges API
++++
<titleabbrev>Get builtin privileges</titleabbrev>
++++

Retrieves the list of <<privileges-list-cluster,cluster privileges>> and
<<privileges-list-indices,index privileges>> that are
available in this version of {es}.

[[security-api-get-builtin-privileges-request]]
==== {api-request-title}

`GET /_security/privilege/_builtin`


[[security-api-get-builtin-privileges-prereqs]]
==== {api-prereq-title}

* To use this API, you must have the `read_security` cluster privilege
(or a greater privilege such as `manage_security` or `all`).

[[security-api-get-builtin-privileges-desc]]
==== {api-description-title}

This API retrieves the set of cluster and index privilege names that are
available in the version of {es} that is being queried.

To check whether a user has particular privileges, use the
<<security-api-has-privileges,has privileges API>>.


[[security-api-get-builtin-privileges-response-body]]
==== {api-response-body-title}

The response is an object with two fields:

`cluster`:: (array of string) The list of
<<privileges-list-cluster,cluster privileges>> that are understood by this
version of {es}.

`index`:: (array of string) The list of
<<privileges-list-indices,index privileges>> that are understood by this version
of {es}.

`remote_cluster`:: (array of string) The list of
<<roles-remote-cluster-priv, remote_cluster>> privileges that are understood by this version
of {es}.

[[security-api-get-builtin-privileges-example]]
==== {api-examples-title}

The following example retrieves the names of all builtin privileges:

[source,console]
--------------------------------------------------
GET /_security/privilege/_builtin
--------------------------------------------------

A successful call returns an object with "cluster", "index", and "remote_cluster" fields.

[source,console-result]
--------------------------------------------------
{
  "cluster" : [
    "all",
    "cancel_task",
    "create_snapshot",
    "cross_cluster_replication",
    "cross_cluster_search",
    "delegate_pki",
    "grant_api_key",
    "manage",
    "manage_api_key",
    "manage_autoscaling",
    "manage_behavioral_analytics",
    "manage_ccr",
    "manage_data_frame_transforms",
    "manage_data_stream_global_retention",
    "manage_enrich",
    "manage_ilm",
    "manage_index_templates",
    "manage_inference",
    "manage_ingest_pipelines",
    "manage_logstash_pipelines",
    "manage_ml",
    "manage_oidc",
    "manage_own_api_key",
    "manage_pipeline",
    "manage_rollup",
    "manage_saml",
    "manage_search_application",
    "manage_search_query_rules",
    "manage_search_synonyms",
    "manage_security",
    "manage_service_account",
    "manage_slm",
    "manage_token",
    "manage_transform",
    "manage_user_profile",
    "manage_watcher",
    "monitor",
    "monitor_data_frame_transforms",
    "monitor_data_stream_global_retention",
    "monitor_enrich",
    "monitor_inference",
    "monitor_ml",
    "monitor_rollup",
    "monitor_snapshot",
    "monitor_text_structure",
    "monitor_transform",
    "monitor_watcher",
    "none",
    "post_behavioral_analytics_event",
    "read_ccr",
    "read_connector_secrets",
    "read_fleet_secrets",
    "read_ilm",
    "read_pipeline",
    "read_security",
    "read_slm",
    "transport_client",
    "write_connector_secrets",
    "write_fleet_secrets"
  ],
  "index" : [
    "all",
    "auto_configure",
    "create",
    "create_doc",
    "create_index",
    "cross_cluster_replication",
    "cross_cluster_replication_internal",
    "delete",
    "delete_index",
    "index",
    "maintenance",
    "manage",
    "manage_data_stream_lifecycle",
    "manage_follow_index",
    "manage_ilm",
    "manage_leader_index",
    "monitor",
    "none",
    "read",
    "read_cross_cluster",
    "view_index_metadata",
    "write"
  ],
  "remote_cluster" : [
    "monitor_enrich"
  ]
}
--------------------------------------------------