# ElasticsearchSecurityException: missing authentication credentials [global]

- **ID:** `elasticsearch/missing-authentication-credentials`
- **Domain:** elasticsearch
- **Category:** auth_error
- **Verification:** ai_generated
- **Fix Rate:** 95%

## Root Cause

A request to Elasticsearch lacks required authentication credentials, often due to missing API key or token.

## Version Compatibility

| Version | Status | Introduced | Deprecated |
|---------|--------|------------|------------|
| 7.17.0 | active | — | — |
| 8.10.0 | active | — | — |
| 8.14.0 | active | — | — |

## Workarounds

1. **Generate a new API key via Kibana or the `POST /_security/api_key` endpoint and include it in the `Authorization` header: `Authorization: ApiKey <base64-encoded-key>`.** (95% success)
   ```
   Generate a new API key via Kibana or the `POST /_security/api_key` endpoint and include it in the `Authorization` header: `Authorization: ApiKey <base64-encoded-key>`.
   ```
2. **Use a valid username and password in the request: `curl -u username:password https://localhost:9200/_cluster/health`.** (90% success)
   ```
   Use a valid username and password in the request: `curl -u username:password https://localhost:9200/_cluster/health`.
   ```
3. **Configure the client with a service account token: `PUT _security/service/elastic/kibana/credential/token` and use it in requests.** (92% success)
   ```
   Configure the client with a service account token: `PUT _security/service/elastic/kibana/credential/token` and use it in requests.
   ```

## Dead Ends

- **** — Disabling security exposes the cluster to unauthorized access and is not a proper fix. (70% fail)
- **** — Restarting does not provide the missing credentials; the error will recur. (95% fail)
- **** — The client still uses old credentials, causing authentication failure. (90% fail)