Cannot remove all indexes

On my regular ES setup I was able to delete all of my indexes with:

curl -XDELETE 'http://localhost:9200/*'

Using XGET with ODFE works fine with the --insecure flag however when executing:

curl -XDELETE 'http://localhost:9200/*' -u admin:admin --insecure

I get the following ssl error

odfe-node1 | [2019-05-07T06:06:54,635][WARN ][c.a.o.s.s.h.n.OpenDistroSecuritySSLNettyHttpServerTransport] [MqGeKRk] Someone (null) speaks http plaintext instead of ssl, will close the channel

I also tried just logging into Kibana which gives me permission errors (I am logged in on admin account)

  "error": {
    "root_cause": [
        "type": "security_exception",
        "reason": "no permissions for [] and User [name=admin, roles=[admin], requestedTenant=__user__]"
    "type": "security_exception",
    "reason": "no permissions for [] and User [name=admin, roles=[admin], requestedTenant=__user__]"
  "status": 403

Any suggestions?

Hello !
I think you typed the URL wrong :

curl -XDELETE ‘http://localhost:9200/*’ -u admin:admin --insecure

Should be talking on https if you are using --insecure + -u :

curl -XDELETE 'https://localhost:9200/*' -u admin:admin --insecure

Hope it fixes your problem.

1 Like

Oh, you are right! However I still get the same permission error like I have when trying to delete directly from Kibana. Any ideas on that, or should I make a separate security post?

I can’t help you further without more description about your setup.
Can you give me your configuration files, user roles and permissions?
Not sure about a role named admin.

Find it weird that “no permissions for ” is empty, normally it tells you which rights you are lacking.
And what is that tenant “__user__” ?

“no permissions for and User [name=admin, roles=[admin], requestedTenant=user]”


Started today by following the docker install guide. I am using the sample docker-compose file so my setup is basically plain vanilla. When I go into kibana > tenants I only see Global, Private and admin_tenant so I don’t really know what “user” is about.

So what is your problem now?
You can log in and you can check maybe in Dev Tools.

By the way, not sure it’s the best practice to delete indices like that

curl -XDELETE ‘https://localhost:9200/*

What indices are you trying to delete?
I would use the Dev Tools so I know which indices I’m deleting.


The kibana error I mentioned was from Dev Tools. I just want a quick way to remove all indexes during development so I don’t need to delete them one by one.

Hi, have you resolved this issue?

I’ve found, that individual or wildcard indexes DELETE requests works fine for all indexes from curl -X GET 'https://localhost:9201/_cat/indices?v' list except .opendistro_security one. I guess command with -dci flag could potentially resolve this issue. One attempt to do this from inside of docker image was unsuccessfull so I decided to cleanup docker container.

I’ve decided to just use docker-compose down -v to wipe all volumes.