[role="xpack"]
[[security-api-authenticate]]
=== Authenticate API

The Authenticate API enables you to submit a request with a basic auth header to
authenticate a user and retrieve information about the authenticated user.


==== Request

`GET _xpack/security/_authenticate`


==== Description

A successful call returns a JSON structure that shows what roles are assigned
to the user as well as any assigned metadata.

If the user cannot be authenticated, this API returns a 401 status code.

==== Examples

To authenticate a user, submit a GET request to the
`_xpack/security/_authenticate` endpoint:

[source,js]
--------------------------------------------------
GET _xpack/security/_authenticate
--------------------------------------------------
// CONSOLE

The following example output provides information about the "rdeniro" user:

[source,js]
--------------------------------------------------
{
  "username": "rdeniro",
  "roles": [
    "admin",
    "kibana4"
  ],
  "metadata" : {
    "employee_id": "8675309"
  }
}
--------------------------------------------------