The Authenticate API enables you to submit a request with a basic auth header to authenticate a user and retrieve information about the authenticated user. Returns a 401 status code if the user cannot be authenticated.

To authenticate a user, submit a GET request to the _xpack/security/_authenticate endpoint:

GET _xpack/security/_authenticate

A successful call returns a JSON structure that shows what roles are assigned to the user.

{
  "username": "rdeniro",
  "roles": [
    "admin",
    "kibana4"
  ]
}