# Activate a user profile

**POST /_security/profile/_activate**

Create or update a user profile on behalf of another user.

NOTE: The user profile feature is designed only for use by Kibana and Elastic's Observability, Enterprise Search, and Elastic Security solutions.
Individual users and external applications should not call this API directly.
The calling application must have either an `access_token` or a combination of `username` and `password` for the user that the profile document is intended for.
Elastic reserves the right to change or remove this feature in future releases without prior notice.

This API creates or updates a profile document for end users with information that is extracted from the user's authentication object including `username`, `full_name,` `roles`, and the authentication realm.
For example, in the JWT `access_token` case, the profile user's `username` is extracted from the JWT token claim pointed to by the `claims.principal` setting of the JWT realm that authenticated the token.

When updating a profile document, the API enables the document if it was disabled.
Any updates do not change existing content for either the `labels` or `data` fields.

## Required authorization

* Cluster privileges: `manage_user_profile`



## Servers
- http://api.example.com: http://api.example.com ()


## Authentication methods
- Api key auth
- Basic auth
- Bearer auth


## Parameters



### Body: application/json (object)

- **access_token** (string)
  The user's Elasticsearch access token or JWT.
  Both `access` and `id` JWT token types are supported and they depend on the underlying JWT realm configuration.
  If you specify the `access_token` grant type, this parameter is required.
  It is not valid with other grant types.
- **grant_type** (string)
  The type of grant.

  Supported values include:
    - `password`: In this type of grant, you must supply the user ID and password for which you want to create the API key.
    - `access_token`: In this type of grant, you must supply an access token that was created by the Elasticsearch token service.
  If you are activating a user profile, you can alternatively supply a JWT (either a JWT `access_token` or a JWT `id_token`).

- **password** (string)
  The user's password.
  If you specify the `password` grant type, this parameter is required.
  It is not valid with other grant types.
- **username** (string)
  The username that identifies the user.
  If you specify the `password` grant type, this parameter is required.
  It is not valid with other grant types.


## Responses
### 200


#### Body: application/json (object)
- **uid** (string)

- **user** (object)

- **data** (object)

- **labels** (object)

- **enabled** (boolean)

- **last_synchronized** (number)

- **_doc** (object)



[Powered by Bump.sh](https://bump.sh)