Setting privileges to spaces, privileges not working on default space

Hi, I am using security feature in my project. I have three spaces, test1, test2 and default. I created a role and set privileges:
test1: read
test2: none
default: none

Now I created a user: test_user with this role and when I login with this, I cannot acces test2, good but I can access default. That is wrong.

I want test_user to access only test1 and no other space.
How to do that.
I am new to elastic and any help how I can solve this issue.

Thank you


I have the same and it works for me. Which version of Kibana do you have? Do you have " Minimum privileges for all spaces" set to none in the Role configuration?


UPDATE: You can try executing GET _xpack/security/_authenticate in the Dev Tools console. This gives you all roles the user has -maybe the access to the default space comes from another role?

1 Like

Hi Wolfram, thanks for your response.

Version: 7.1

" Minimum privileges for all spaces" is set to "none"

In "Higher privileges for individual spaces", I have selected the space which I want user to view and set privilege to "read". rest I have not set anything i.e. in elasticsearch section I have set nothing.

I though that might be default space is by default available to all the user and it can not be hide from users. But as you mention that this works for you, I couldn't find what I am doing wrong.

Have you tried that?

Yes, it gives only one role, which I created and in that role I have set read only to only one space rest are set to none.

I use Version 6.5.4 so maybe another one using your version can replicate this.

1 Like

Are you using paid one. I mean I am trying the security features which are made free with the open source/basic one. I guess those security features are there in version 6.8 and 7 and not in 6.5

link to blog:

Thanks for help :smile:

Yes, you are right: the security features for the basic license are available in 6.8/7.1 and later only but we have a gold license for that reason.

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.