This provides a set of APIs to create, update, or delete users from the native realm. 

The following is a list of available APIs and how to use them:

GET /_xpack/security/user                             -- To list all the users
GET /_xpack/security/user/<username>                  -- To get the details of a specific user
DELETE /_xpack/security/user/<username>               -- To Delete a user
POST /_xpack/security/user/<username>                 -- To Create a new user
PUT /_xpack/security/user/<username>                  -- To Update an existing user
PUT /_xpack/security/user/<username>/_disable         -- To disable an existing user
PUT /_xpack/security/user/<username>/_enable          -- To enable an existing disabled user
PUT /_xpack/security/user/<username>/_password        -- to Change the password

The username in the path parameter specifies the user against which the operation is carried out. The body of the request accepts parameters such as email, full_name, and password as strings and roles as list.

Example 1: Create a new user, user3, with monitor_role assigned to it:

curl -u elastic:elastic -X POST http://localhost:9200/_xpack/security/user/user3 -H 'content-type: application/json' -d '
{
  "password" : "randompassword",
  "roles" : [ "monitor_role"],
  "full_name" : "user3",
  "email" : "[email protected]"
  
}'

Response:
user":{"created":true}}

 Example 2: Get the list of all users:

curl -u elastic:elastic -XGET http://localhost:9200/_xpack/security/user?pretty

Example 3: Delete user3:

curl -u elastic:elastic -XDELETE http://localhost:9200/_xpack/security/user/user3
Response:
{"found":true}

Example 4: Change the password:

curl -u elastic:elastic -XPUT http://localhost:9200/_xpack/security/user/user2/_password -H "content-type: application/json" -d "{ "password": "newpassword"}"