diff --git a/client/rest-high-level/src/main/java/org/elasticsearch/client/SecurityClient.java b/client/rest-high-level/src/main/java/org/elasticsearch/client/SecurityClient.java
index 14023e5e39d07..50c1f8bd82828 100644
--- a/client/rest-high-level/src/main/java/org/elasticsearch/client/SecurityClient.java
+++ b/client/rest-high-level/src/main/java/org/elasticsearch/client/SecurityClient.java
@@ -30,6 +30,8 @@
import org.elasticsearch.client.security.PutUserResponse;
import org.elasticsearch.client.security.EmptyResponse;
import org.elasticsearch.client.security.ChangePasswordRequest;
+import org.elasticsearch.client.security.DeleteRoleMappingRequest;
+import org.elasticsearch.client.security.DeleteRoleMappingResponse;
import java.io.IOException;
@@ -221,4 +223,33 @@ public void changePasswordAsync(ChangePasswordRequest request, RequestOptions op
restHighLevelClient.performRequestAsyncAndParseEntity(request, SecurityRequestConverters::changePassword, options,
EmptyResponse::fromXContent, listener, emptySet());
}
+
+ /**
+ * Delete a role mapping.
+ * See
+ * the docs for more.
+ * @param request the request with the role mapping name to be deleted.
+ * @param options the request options (e.g. headers), use {@link RequestOptions#DEFAULT} if nothing needs to be customized
+ * @return the response from the delete role mapping call
+ * @throws IOException in case there is a problem sending the request or parsing back the response
+ */
+ public DeleteRoleMappingResponse deleteRoleMapping(DeleteRoleMappingRequest request, RequestOptions options) throws IOException {
+ return restHighLevelClient.performRequestAndParseEntity(request, SecurityRequestConverters::deleteRoleMapping, options,
+ DeleteRoleMappingResponse::fromXContent, emptySet());
+ }
+
+ /**
+ * Asynchronously delete a role mapping.
+ * See
+ * the docs for more.
+ * @param request the request with the role mapping name to be deleted.
+ * @param options the request options (e.g. headers), use {@link RequestOptions#DEFAULT} if nothing needs to be customized
+ * @param listener the listener to be notified upon request completion
+ */
+ public void deleteRoleMappingAsync(DeleteRoleMappingRequest request, RequestOptions options,
+ ActionListener listener) {
+ restHighLevelClient.performRequestAsyncAndParseEntity(request, SecurityRequestConverters::deleteRoleMapping, options,
+ DeleteRoleMappingResponse::fromXContent, listener, emptySet());
+ }
+
}
diff --git a/client/rest-high-level/src/main/java/org/elasticsearch/client/SecurityRequestConverters.java b/client/rest-high-level/src/main/java/org/elasticsearch/client/SecurityRequestConverters.java
index 0a1d9cb3530c4..d64389d39486b 100644
--- a/client/rest-high-level/src/main/java/org/elasticsearch/client/SecurityRequestConverters.java
+++ b/client/rest-high-level/src/main/java/org/elasticsearch/client/SecurityRequestConverters.java
@@ -19,12 +19,14 @@
package org.elasticsearch.client;
+import org.apache.http.client.methods.HttpDelete;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpPut;
import org.elasticsearch.client.security.PutRoleMappingRequest;
import org.elasticsearch.client.security.DisableUserRequest;
import org.elasticsearch.client.security.EnableUserRequest;
import org.elasticsearch.client.security.ChangePasswordRequest;
+import org.elasticsearch.client.security.DeleteRoleMappingRequest;
import org.elasticsearch.client.security.PutUserRequest;
import org.elasticsearch.client.security.SetUserEnabledRequest;
@@ -93,4 +95,16 @@ private static Request setUserEnabled(SetUserEnabledRequest setUserEnabledReques
params.withRefreshPolicy(setUserEnabledRequest.getRefreshPolicy());
return request;
}
+
+ static Request deleteRoleMapping(DeleteRoleMappingRequest deleteRoleMappingRequest) throws IOException {
+ final String endpoint = new RequestConverters.EndpointBuilder()
+ .addPathPartAsIs("_xpack/security/role_mapping")
+ .addPathPart(deleteRoleMappingRequest.getName())
+ .build();
+ final Request request = new Request(HttpDelete.METHOD_NAME, endpoint);
+ final RequestConverters.Params params = new RequestConverters.Params(request);
+ params.withRefreshPolicy(deleteRoleMappingRequest.getRefreshPolicy());
+ return request;
+ }
+
}
diff --git a/client/rest-high-level/src/main/java/org/elasticsearch/client/security/DeleteRoleMappingRequest.java b/client/rest-high-level/src/main/java/org/elasticsearch/client/security/DeleteRoleMappingRequest.java
new file mode 100644
index 0000000000000..c55178f15b8a9
--- /dev/null
+++ b/client/rest-high-level/src/main/java/org/elasticsearch/client/security/DeleteRoleMappingRequest.java
@@ -0,0 +1,79 @@
+/*
+ * Licensed to Elasticsearch under one or more contributor
+ * license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright
+ * ownership. Elasticsearch licenses this file to you under
+ * the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.elasticsearch.client.security;
+
+import org.elasticsearch.client.Validatable;
+import org.elasticsearch.common.Nullable;
+import org.elasticsearch.common.Strings;
+
+import java.util.Objects;
+
+/**
+ * Request object to delete a role mapping.
+ */
+public final class DeleteRoleMappingRequest implements Validatable {
+ private final String name;
+ private final RefreshPolicy refreshPolicy;
+
+ /**
+ * Constructor for DeleteRoleMappingRequest
+ *
+ * @param name role mapping name to be deleted
+ * @param refreshPolicy refresh policy {@link RefreshPolicy} for the
+ * request, defaults to {@link RefreshPolicy#getDefault()}
+ */
+ public DeleteRoleMappingRequest(final String name, @Nullable final RefreshPolicy refreshPolicy) {
+ if (Strings.hasText(name) == false) {
+ throw new IllegalArgumentException("role-mapping name is required");
+ }
+ this.name = name;
+ this.refreshPolicy = (refreshPolicy == null) ? RefreshPolicy.getDefault() : refreshPolicy;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public RefreshPolicy getRefreshPolicy() {
+ return refreshPolicy;
+ }
+
+ @Override
+ public int hashCode() {
+ return Objects.hash(name, refreshPolicy);
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj) {
+ return true;
+ }
+ if (obj == null) {
+ return false;
+ }
+ if (getClass() != obj.getClass()) {
+ return false;
+ }
+ final DeleteRoleMappingRequest other = (DeleteRoleMappingRequest) obj;
+
+ return (refreshPolicy == other.refreshPolicy) && Objects.equals(name, other.name);
+ }
+
+}
diff --git a/client/rest-high-level/src/main/java/org/elasticsearch/client/security/DeleteRoleMappingResponse.java b/client/rest-high-level/src/main/java/org/elasticsearch/client/security/DeleteRoleMappingResponse.java
new file mode 100644
index 0000000000000..6ae4186dc0d82
--- /dev/null
+++ b/client/rest-high-level/src/main/java/org/elasticsearch/client/security/DeleteRoleMappingResponse.java
@@ -0,0 +1,74 @@
+/*
+ * Licensed to Elasticsearch under one or more contributor
+ * license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright
+ * ownership. Elasticsearch licenses this file to you under
+ * the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.elasticsearch.client.security;
+
+import org.elasticsearch.common.ParseField;
+import org.elasticsearch.common.xcontent.ConstructingObjectParser;
+import org.elasticsearch.common.xcontent.XContentParser;
+
+import java.io.IOException;
+import java.util.Objects;
+
+import static org.elasticsearch.common.xcontent.ConstructingObjectParser.constructorArg;
+
+/**
+ * Response when deleting a role mapping. If the mapping is successfully
+ * deleted, the response returns a boolean field "found" {@code true}.
+ * Otherwise, "found" is set to {@code false}.
+ */
+public final class DeleteRoleMappingResponse {
+
+ private final boolean found;
+
+ public DeleteRoleMappingResponse(boolean deleted) {
+ this.found = deleted;
+ }
+
+ public boolean isFound() {
+ return found;
+ }
+
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) {
+ return true;
+ }
+ if (o == null || getClass() != o.getClass()) {
+ return false;
+ }
+ final DeleteRoleMappingResponse that = (DeleteRoleMappingResponse) o;
+ return found == that.found;
+ }
+
+ @Override
+ public int hashCode() {
+ return Objects.hash(found);
+ }
+
+ private static final ConstructingObjectParser PARSER = new ConstructingObjectParser<>(
+ "delete_role_mapping_response", true, args -> new DeleteRoleMappingResponse((boolean) args[0]));
+ static {
+ PARSER.declareBoolean(constructorArg(), new ParseField("found"));
+ }
+
+ public static DeleteRoleMappingResponse fromXContent(XContentParser parser) throws IOException {
+ return PARSER.parse(parser, null);
+ }
+}
diff --git a/client/rest-high-level/src/test/java/org/elasticsearch/client/SecurityRequestConvertersTests.java b/client/rest-high-level/src/test/java/org/elasticsearch/client/SecurityRequestConvertersTests.java
index 3c0e6dc4374c7..1c4df942d8cb5 100644
--- a/client/rest-high-level/src/test/java/org/elasticsearch/client/SecurityRequestConvertersTests.java
+++ b/client/rest-high-level/src/test/java/org/elasticsearch/client/SecurityRequestConvertersTests.java
@@ -19,11 +19,13 @@
package org.elasticsearch.client;
+import org.apache.http.client.methods.HttpDelete;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpPut;
import org.elasticsearch.client.security.DisableUserRequest;
import org.elasticsearch.client.security.EnableUserRequest;
import org.elasticsearch.client.security.ChangePasswordRequest;
+import org.elasticsearch.client.security.DeleteRoleMappingRequest;
import org.elasticsearch.client.security.PutRoleMappingRequest;
import org.elasticsearch.client.security.PutUserRequest;
import org.elasticsearch.client.security.RefreshPolicy;
@@ -155,4 +157,24 @@ public void testSelfChangePassword() throws IOException {
assertEquals(expectedParams, request.getParameters());
assertToXContentBody(changePasswordRequest, request.getEntity());
}
+
+ public void testDeleteRoleMapping() throws IOException {
+ final String roleMappingName = randomAlphaOfLengthBetween(4, 7);
+ final RefreshPolicy refreshPolicy = randomFrom(RefreshPolicy.values());
+ final Map expectedParams;
+ if (refreshPolicy != RefreshPolicy.NONE) {
+ expectedParams = Collections.singletonMap("refresh", refreshPolicy.getValue());
+ } else {
+ expectedParams = Collections.emptyMap();
+ }
+ final DeleteRoleMappingRequest deleteRoleMappingRequest = new DeleteRoleMappingRequest(roleMappingName, refreshPolicy);
+
+ final Request request = SecurityRequestConverters.deleteRoleMapping(deleteRoleMappingRequest);
+
+ assertEquals(HttpDelete.METHOD_NAME, request.getMethod());
+ assertEquals("/_xpack/security/role_mapping/" + roleMappingName, request.getEndpoint());
+ assertEquals(expectedParams, request.getParameters());
+ assertNull(request.getEntity());
+ }
+
}
diff --git a/client/rest-high-level/src/test/java/org/elasticsearch/client/documentation/SecurityDocumentationIT.java b/client/rest-high-level/src/test/java/org/elasticsearch/client/documentation/SecurityDocumentationIT.java
index ee122051af0c3..4bc6f75de5362 100644
--- a/client/rest-high-level/src/test/java/org/elasticsearch/client/documentation/SecurityDocumentationIT.java
+++ b/client/rest-high-level/src/test/java/org/elasticsearch/client/documentation/SecurityDocumentationIT.java
@@ -25,6 +25,8 @@
import org.elasticsearch.client.RequestOptions;
import org.elasticsearch.client.RestHighLevelClient;
import org.elasticsearch.client.security.ChangePasswordRequest;
+import org.elasticsearch.client.security.DeleteRoleMappingRequest;
+import org.elasticsearch.client.security.DeleteRoleMappingResponse;
import org.elasticsearch.client.security.DisableUserRequest;
import org.elasticsearch.client.security.EmptyResponse;
import org.elasticsearch.client.security.EnableUserRequest;
@@ -34,10 +36,10 @@
import org.elasticsearch.client.security.PutUserRequest;
import org.elasticsearch.client.security.PutUserResponse;
import org.elasticsearch.client.security.RefreshPolicy;
-import org.elasticsearch.client.security.support.CertificateInfo;
import org.elasticsearch.client.security.support.expressiondsl.RoleMapperExpression;
-import org.elasticsearch.client.security.support.expressiondsl.expressions.AnyRoleMapperExpression;
import org.elasticsearch.client.security.support.expressiondsl.fields.FieldRoleMapperExpression;
+import org.elasticsearch.client.security.support.CertificateInfo;
+import org.elasticsearch.client.security.support.expressiondsl.expressions.AnyRoleMapperExpression;
import org.hamcrest.Matchers;
import java.util.Collections;
@@ -361,4 +363,58 @@ public void onFailure(Exception e) {
assertTrue(latch.await(30L, TimeUnit.SECONDS));
}
}
+
+ public void testDeleteRoleMapping() throws Exception {
+ final RestHighLevelClient client = highLevelClient();
+
+ {
+ // Create role mappings
+ final RoleMapperExpression rules = FieldRoleMapperExpression.ofUsername("*");
+ final PutRoleMappingRequest request = new PutRoleMappingRequest("mapping-example", true, Collections.singletonList("superuser"),
+ rules, null, RefreshPolicy.NONE);
+ final PutRoleMappingResponse response = client.security().putRoleMapping(request, RequestOptions.DEFAULT);
+ boolean isCreated = response.isCreated();
+ assertTrue(isCreated);
+ }
+
+ {
+ // tag::delete-role-mapping-execute
+ final DeleteRoleMappingRequest request = new DeleteRoleMappingRequest("mapping-example", RefreshPolicy.NONE);
+ final DeleteRoleMappingResponse response = client.security().deleteRoleMapping(request, RequestOptions.DEFAULT);
+ // end::delete-role-mapping-execute
+ // tag::delete-role-mapping-response
+ boolean isFound = response.isFound(); // <1>
+ // end::delete-role-mapping-response
+
+ assertTrue(isFound);
+ }
+
+ {
+ final DeleteRoleMappingRequest request = new DeleteRoleMappingRequest("mapping-example", RefreshPolicy.NONE);
+ // tag::delete-role-mapping-execute-listener
+ ActionListener listener = new ActionListener() {
+ @Override
+ public void onResponse(DeleteRoleMappingResponse response) {
+ // <1>
+ }
+
+ @Override
+ public void onFailure(Exception e) {
+ // <2>
+ }
+ };
+ // end::delete-role-mapping-execute-listener
+
+ // Replace the empty listener by a blocking listener in test
+ final CountDownLatch latch = new CountDownLatch(1);
+ listener = new LatchedActionListener<>(listener, latch);
+
+ // tag::delete-role-mapping-execute-async
+ client.security().deleteRoleMappingAsync(request, RequestOptions.DEFAULT, listener); // <1>
+ // end::delete-role-mapping-execute-async
+
+ assertTrue(latch.await(30L, TimeUnit.SECONDS));
+ }
+ }
+
}
diff --git a/client/rest-high-level/src/test/java/org/elasticsearch/client/security/DeleteRoleMappingRequestTests.java b/client/rest-high-level/src/test/java/org/elasticsearch/client/security/DeleteRoleMappingRequestTests.java
new file mode 100644
index 0000000000000..d3b6c0740c0c2
--- /dev/null
+++ b/client/rest-high-level/src/test/java/org/elasticsearch/client/security/DeleteRoleMappingRequestTests.java
@@ -0,0 +1,72 @@
+/*
+ * Licensed to Elasticsearch under one or more contributor
+ * license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright
+ * ownership. Elasticsearch licenses this file to you under
+ * the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.elasticsearch.client.security;
+
+import org.elasticsearch.test.ESTestCase;
+import org.elasticsearch.test.EqualsHashCodeTestUtils;
+
+import java.util.Arrays;
+import java.util.List;
+import java.util.stream.Collectors;
+
+import static org.hamcrest.Matchers.equalTo;
+
+public class DeleteRoleMappingRequestTests extends ESTestCase {
+
+ public void testDeleteRoleMappingRequest() {
+ final String name = randomAlphaOfLength(5);
+ final RefreshPolicy refreshPolicy = randomFrom(RefreshPolicy.values());
+ final DeleteRoleMappingRequest deleteRoleMappingRequest = new DeleteRoleMappingRequest(name, refreshPolicy);
+ assertThat(deleteRoleMappingRequest.getName(), equalTo(name));
+ assertThat(deleteRoleMappingRequest.getRefreshPolicy(), equalTo(refreshPolicy));
+ }
+
+ public void testDeleteRoleMappingRequestThrowsExceptionForNullOrEmptyName() {
+ final String name = randomBoolean() ? null : "";
+ final IllegalArgumentException ile = expectThrows(IllegalArgumentException.class, () -> new DeleteRoleMappingRequest(name, null));
+ assertThat(ile.getMessage(), equalTo("role-mapping name is required"));
+ }
+
+ public void testEqualsHashCode() {
+ final String name = randomAlphaOfLength(5);
+ final RefreshPolicy refreshPolicy = randomFrom(RefreshPolicy.values());
+ final DeleteRoleMappingRequest deleteRoleMappingRequest = new DeleteRoleMappingRequest(name, refreshPolicy);
+ assertNotNull(deleteRoleMappingRequest);
+
+ EqualsHashCodeTestUtils.checkEqualsAndHashCode(deleteRoleMappingRequest, (original) -> {
+ return new DeleteRoleMappingRequest(original.getName(), original.getRefreshPolicy());
+ });
+
+ EqualsHashCodeTestUtils.checkEqualsAndHashCode(deleteRoleMappingRequest, (original) -> {
+ return new DeleteRoleMappingRequest(original.getName(), original.getRefreshPolicy());
+ }, DeleteRoleMappingRequestTests::mutateTestItem);
+
+ }
+
+ private static DeleteRoleMappingRequest mutateTestItem(DeleteRoleMappingRequest original) {
+ if (randomBoolean()) {
+ return new DeleteRoleMappingRequest(randomAlphaOfLength(5), original.getRefreshPolicy());
+ } else {
+ List values = Arrays.stream(RefreshPolicy.values()).filter(rp -> rp != original.getRefreshPolicy()).collect(
+ Collectors.toList());
+ return new DeleteRoleMappingRequest(original.getName(), randomFrom(values));
+ }
+ }
+}
diff --git a/client/rest-high-level/src/test/java/org/elasticsearch/client/security/DeleteRoleMappingResponseTests.java b/client/rest-high-level/src/test/java/org/elasticsearch/client/security/DeleteRoleMappingResponseTests.java
new file mode 100644
index 0000000000000..d89deb44e9f68
--- /dev/null
+++ b/client/rest-high-level/src/test/java/org/elasticsearch/client/security/DeleteRoleMappingResponseTests.java
@@ -0,0 +1,68 @@
+/*
+ * Licensed to Elasticsearch under one or more contributor
+ * license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright
+ * ownership. Elasticsearch licenses this file to you under
+ * the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.elasticsearch.client.security;
+
+import org.elasticsearch.common.xcontent.DeprecationHandler;
+import org.elasticsearch.common.xcontent.NamedXContentRegistry;
+import org.elasticsearch.common.xcontent.XContentType;
+import org.elasticsearch.test.ESTestCase;
+import org.elasticsearch.test.EqualsHashCodeTestUtils;
+
+import java.io.IOException;
+import java.util.Collections;
+
+import static org.hamcrest.Matchers.equalTo;
+
+public class DeleteRoleMappingResponseTests extends ESTestCase {
+
+ public void testFromXContent() throws IOException {
+ final String json = "{ \"found\" : \"true\" }";
+ final DeleteRoleMappingResponse response = DeleteRoleMappingResponse.fromXContent(XContentType.JSON.xContent().createParser(
+ new NamedXContentRegistry(Collections.emptyList()), new DeprecationHandler() {
+ @Override
+ public void usedDeprecatedName(String usedName, String modernName) {
+ }
+
+ @Override
+ public void usedDeprecatedField(String usedName, String replacedWith) {
+ }
+ }, json));
+ final DeleteRoleMappingResponse expectedResponse = new DeleteRoleMappingResponse(true);
+ assertThat(response, equalTo(expectedResponse));
+ }
+
+ public void testEqualsHashCode() {
+ final boolean found = randomBoolean();
+ final DeleteRoleMappingResponse deleteRoleMappingResponse = new DeleteRoleMappingResponse(found);
+
+ EqualsHashCodeTestUtils.checkEqualsAndHashCode(deleteRoleMappingResponse, (original) -> {
+ return new DeleteRoleMappingResponse(original.isFound());
+ });
+
+ EqualsHashCodeTestUtils.checkEqualsAndHashCode(deleteRoleMappingResponse, (original) -> {
+ return new DeleteRoleMappingResponse(original.isFound());
+ }, DeleteRoleMappingResponseTests::mutateTestItem);
+
+ }
+
+ private static DeleteRoleMappingResponse mutateTestItem(DeleteRoleMappingResponse original) {
+ return new DeleteRoleMappingResponse(!original.isFound());
+ }
+}
diff --git a/docs/java-rest/high-level/security/delete-role-mapping.asciidoc b/docs/java-rest/high-level/security/delete-role-mapping.asciidoc
new file mode 100644
index 0000000000000..63025e9d68181
--- /dev/null
+++ b/docs/java-rest/high-level/security/delete-role-mapping.asciidoc
@@ -0,0 +1,51 @@
+[[java-rest-high-security-delete-role-mapping]]
+=== Delete Role Mapping API
+
+[[java-rest-high-security-delete-role-mapping-execution]]
+==== Execution
+Deletion of a role mapping can be performed using the `security().deleteRoleMapping()`
+method:
+
+["source","java",subs="attributes,callouts,macros"]
+--------------------------------------------------
+include-tagged::{doc-tests}/SecurityDocumentationIT.java[delete-role-mapping-execute]
+--------------------------------------------------
+
+[[java-rest-high-security-delete-role-mapping-response]]
+==== Response
+The returned `DeleteRoleMappingResponse` contains a single field, `found`. If the mapping
+is successfully found and deleted, found is set to true. Otherwise, found is set to false.
+
+["source","java",subs="attributes,callouts,macros"]
+--------------------------------------------------
+include-tagged::{doc-tests}/SecurityDocumentationIT.java[delete-role-mapping-response]
+--------------------------------------------------
+<1> `found` is a boolean indicating whether the role mapping was found and deleted
+
+[[java-rest-high-security-delete-role-mapping-async]]
+==== Asynchronous Execution
+
+This request can be executed asynchronously using the `security().deleteRoleMappingAsync()`
+method:
+
+["source","java",subs="attributes,callouts,macros"]
+--------------------------------------------------
+include-tagged::{doc-tests}/SecurityDocumentationIT.java[delete-role-mapping-execute-async]
+--------------------------------------------------
+<1> The `DeleteRoleMappingRequest` to execute and the `ActionListener` to use when
+the execution completes
+
+The asynchronous method does not block and returns immediately. Once the request
+has completed the `ActionListener` is called back using the `onResponse` method
+if the execution successfully completed or using the `onFailure` method if
+it failed.
+
+A typical listener for a `DeleteRoleMappingResponse` looks like:
+
+["source","java",subs="attributes,callouts,macros"]
+--------------------------------------------------
+include-tagged::{doc-tests}/SecurityDocumentationIT.java[delete-role-mapping-execute-listener]
+--------------------------------------------------
+<1> Called when the execution is successfully completed. The response is
+provided as an argument
+<2> Called in case of failure. The raised exception is provided as an argument
diff --git a/docs/java-rest/high-level/security/put-role-mapping.asciidoc b/docs/java-rest/high-level/security/put-role-mapping.asciidoc
index 7f1bcb2839bde..f71c7648803dc 100644
--- a/docs/java-rest/high-level/security/put-role-mapping.asciidoc
+++ b/docs/java-rest/high-level/security/put-role-mapping.asciidoc
@@ -34,7 +34,7 @@ method:
--------------------------------------------------
include-tagged::{doc-tests}/SecurityDocumentationIT.java[put-role-mapping-execute-async]
--------------------------------------------------
-<1> The `PutRoleMappingResponse` to execute and the `ActionListener` to use when
+<1> The `PutRoleMappingRequest` to execute and the `ActionListener` to use when
the execution completes
The asynchronous method does not block and returns immediately. Once the request
diff --git a/docs/java-rest/high-level/supported-apis.asciidoc b/docs/java-rest/high-level/supported-apis.asciidoc
index 36c0e3578c1a6..410e113fd4230 100644
--- a/docs/java-rest/high-level/supported-apis.asciidoc
+++ b/docs/java-rest/high-level/supported-apis.asciidoc
@@ -318,6 +318,7 @@ The Java High Level REST Client supports the following Security APIs:
* <>
* <>
* <>
+* <>
include::security/put-user.asciidoc[]
include::security/enable-user.asciidoc[]
@@ -325,6 +326,7 @@ include::security/disable-user.asciidoc[]
include::security/change-password.asciidoc[]
include::security/get-certificates.asciidoc[]
include::security/put-role-mapping.asciidoc[]
+include::security/delete-role-mapping.asciidoc[]
== Watcher APIs