mirror of
https://github.com/honeymoose/OpenSearch.git
synced 2025-02-07 05:28:34 +00:00
f2cbe20ea0
This is related to elastic/x-pack-elasticsearch#1217. This PR removes the default password of "changeme" from the reserved users. This PR adds special behavior for authenticating the reserved users. No ReservedRealm user can be authenticated until its password is set. The one exception to this is the elastic user. The elastic user can be authenticated with an empty password if the action is a rest request originating from localhost. In this scenario where an elastic user is authenticated with a default password, it will have metadata indicating that it is in setup mode. An elastic user in setup mode is only authorized to execute a change password request. Original commit: elastic/x-pack-elasticsearch@e1e101a237
28 lines
804 B
Plaintext
28 lines
804 B
Plaintext
[role="xpack"]
|
|
[[security-api-change-password]]
|
|
=== Change Password API
|
|
|
|
The Change Password API enables you to submit a request to change the password
|
|
of a user. Every user can change their own password and users with the
|
|
`manage_security` privilege can change passwords of other users.
|
|
|
|
To change the password of the logged in user, submit a POST request to the
|
|
`_xpack/security/user/_password` endpoint:
|
|
|
|
[source,js]
|
|
--------------------------------------------------
|
|
POST _xpack/security/user/elastic/_password
|
|
{
|
|
"password": "x-pack-test-password"
|
|
}
|
|
--------------------------------------------------
|
|
// CONSOLE
|
|
|
|
A successful call returns an empty JSON structure.
|
|
|
|
[source,js]
|
|
--------------------------------------------------
|
|
{}
|
|
--------------------------------------------------
|
|
// TESTRESPONSE
|