diff --git a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/rest/action/RestAuthenticateAction.java b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/rest/action/RestAuthenticateAction.java
index d769e54edfc..6f03f4778d4 100644
--- a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/rest/action/RestAuthenticateAction.java
+++ b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/rest/action/RestAuthenticateAction.java
@@ -34,7 +34,7 @@ public class RestAuthenticateAction extends BaseRestHandler {
     public RestAuthenticateAction(Settings settings, RestController controller, Client client, SecurityContext securityContext) {
         super(settings, client);
         this.securityContext = securityContext;
-        controller.registerHandler(GET, "/_xpack/security/authenticate", this); // deprecate
+        controller.registerHandler(GET, "/_xpack/security/_authenticate", this);
     }
 
     @Override
diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java
index 1395aac78a4..23cdaf239be 100644
--- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java
+++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java
@@ -47,7 +47,7 @@ public class RestAuthenticateActionTests extends ShieldIntegTestCase {
     }
 
     public void testAuthenticateApi() throws Exception {
-        HttpResponse response = httpClient().method("GET").path("/_xpack/security/authenticate")
+        HttpResponse response = httpClient().method("GET").path("/_xpack/security/_authenticate")
                 .addHeader("Authorization", basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME,
                         new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray())))
                 .execute();
@@ -61,7 +61,7 @@ public class RestAuthenticateActionTests extends ShieldIntegTestCase {
     }
 
     public void testAuthenticateApiWithoutAuthentication() throws Exception {
-        HttpResponse response = httpClient().method("GET").path("/_xpack/security/authenticate")
+        HttpResponse response = httpClient().method("GET").path("/_xpack/security/_authenticate")
                 .execute();
 
         if (anonymousEnabled) {
diff --git a/elasticsearch/x-pack/shield/src/test/resources/rest-api-spec/api/xpack.security.authenticate.json b/elasticsearch/x-pack/shield/src/test/resources/rest-api-spec/api/xpack.security.authenticate.json
index c72c132778c..ff4df7239f5 100644
--- a/elasticsearch/x-pack/shield/src/test/resources/rest-api-spec/api/xpack.security.authenticate.json
+++ b/elasticsearch/x-pack/shield/src/test/resources/rest-api-spec/api/xpack.security.authenticate.json
@@ -3,8 +3,8 @@
     "documentation": "Retrieve details about the currently authenticated user",
     "methods": [ "GET" ],
     "url": {
-      "path": "/_xpack/security/authenticate",
-      "paths": [ "/_xpack/security/authenticate" ],
+      "path": "/_xpack/security/_authenticate",
+      "paths": [ "/_xpack/security/_authenticate" ],
       "parts": {},
       "params": {}
     },