Unable to authenticate user [*****] for REST request [/]

Hi Team,

*I have created one user from kibana UI and also from elastic server using the REST API.
Now when I'm trying to hit the API using my new user id and password I'm getting the error message -

*API that I'm using -

curl -v -u akhil:akhil12345 -X GET "https://*******.***.com:7878/_xpack/security/_authenticate"

below is the error message -

  • Connection #0 to host .***.com left intact

{"error":{"root_cause":[{"type":"security_exception","reason":"unable to authenticate user [akhil] for REST request [/_xpack/security/_authenticate]","header":{"WWW-Authenticate":["Bearer realm="security"","Basic realm="security" charset="UTF-8""]}}],"type":"security_exception","reason":"unable to authenticate user [akhil] for REST request [/_xpack/security/_authenticate]","header":{"WWW-Authenticate":["Bearer realm="security"","Basic realm="security" charset="UTF-8""]}},"status":401}

Also, unable to login kibana with this new uid and password.

*it's working fine for elastic

curl -v -u elastic:akhil12345 -X GET "https://*******.*****.com:7878/_xpack/security/_authenticate"

{"username":"elastic","roles":["superuser"],"full_name":null,"email":null,"metadata":{"_reserved":true},"enabled":true}

*API used for creating user -

curl -v -u elastic:akhil12345 -X POST "https://..com:7878/_xpack/security/user/akhil?pretty" -H 'Content-Type: application/json' -d'
{
"password" : "akhil12345",
"roles" : [ "superuser", "other_role1" ],
"full_name" : "Akhil Patwal",
"email" : "akhil@
.",
"metadata" : {
"intelligence" : 7
}
}

I can see this user when hitting the below API -

curl -v -u elastic:akhil12345 -X GET "https://.**.com:7878/_xpack/security/user"

#0 to host .**.com left intact

":{},"enabled":true},"akhil":{"username":"akhil","roles":["superuser"],"full_name":null,"email":null,"metadata":{},"enabled":

Tried to create the user from kibana also, but my bad luck it's not working, getting the same error.

Below are some more details regarding this ELK setup :

  1. Using nginx reverse proxy method- port 7878 has been used

  2. We have valid ssl certificates that we are using currently.

  3. Also having a gold licence. It's also in used.

Please let us know, how it can be resolved. If you want more details kindly let us know.

A number of things can be happening:

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.