Unable to get deployment users through the API

Hi team,

I am trying to create a script to get all users and roles from a specific Elasticsearch deployment instance. I have prepared the API call as "{deployment_URL}/_security/user", but I am getting this 401 error. I tried using API keys and user credentials, but the error persists. My instance is fully hosted in the cloud. Any thoughts?

Thanks in advance!

If you're getting a 401 then I suspect you're mixing up Cloud/Deployment credentials and URLs.

If you want a list of deployment users (*) then the URL will be something like https://my-project-abc123.es.us-east-1.aws.elastic.cloud/_security/user (depending on your cloud provider and region) and you will need to use either:

  • Basic authentication with the elastic user and the password provided to your when you created the deployment
  • Basic authentication with another user that you created inside the deployment (via API or the Kibana UI)
  • An API key that was created inside the deployment (either via the API or the Kibana UI).

You will not be able to use a user that logs via the Cloud login page (cloud.elastic.co) or an API Key for the Cloud API.

(*) This may not include all users who have access to your deployment. That API will only return those who are managed within the deployment. It does not include users who have been granted access via Cloud Console, and login via Elastic Cloud, nor any users that login via other SSO protocols such as SAML or OpenID Connect.