[[security-api-privileges]] === Privilege APIs [[security-api-has-privilege]] The `has_privileges` API allows you to determine whether the logged in user has a specified list of privileges. All users can use this API, but only to determine their own privileges. To check the privileges of other users, you must use the <> feature. To check you privileges, submit a GET request to the `_xpack/security/user/_has_privileges` endpoint: [source,js] -------------------------------------------------- GET _xpack/security/user/_has_privileges { "cluster": [ "monitor", "manage" ], "index" : [ { "names": [ "suppliers", "products" ], "privileges": [ "read" ] }, { "names": [ "inventory" ], "privileges" : [ "read", "write" ] } ] } -------------------------------------------------- // CONSOLE A successful call returns a JSON structure that shows whether each specified privilege is assigned to the user [source,js] -------------------------------------------------- { "username": "rdeniro", "has_all_requested" : false, "cluster" : { "monitor" : true, "manage" : false }, "index" : { "suppliers" : { "read" : true }, "products" : { "read" : true }, "inventory" : { "read" : true, "write" : false } } } -------------------------------------------------- // TESTRESPONSE[s/"rdeniro"/"$body.username"/] // TESTRESPONSE[s/: false/: true/]