Internal authentication

ECE ECK Elastic Cloud Hosted Self Managed

Internal authentication methods are fully managed by Elasticsearch, and don't require any communication with external parties.

Elasticsearch offers two internal authentication realms, both of which are enabled by default. There can only be a maximum of one configured realm per internal realm type.

In this section, you'll learn how to configure internal realms, and manage users that authenticate using internal realms.

Available internal realms

Elasticsearch provides two internal realm types:

native: Users are stored in a dedicated Elasticsearch index. This realm supports an authentication token in the form of username and password, and is available by default when no realms are explicitly configured. Users are managed through Kibana, or using user management APIs. See Native user authentication.
file: Users are defined in files stored on each node in the Elasticsearch cluster. This realm supports an authentication token in the form of username and password and is always available. See File-based user authentication. Available for Elastic Cloud on Kubernetes and self-managed deployments only.