Creating a Kibana space separates dashboards, data views, alert rules, and other saved objects so one Elastic deployment can serve multiple teams or environments without mixing operational context.
A space is Kibana's boundary for saved objects, navigation context, and some feature visibility. The space id becomes the stable URL identifier under /s/<space_id>/ for non-default spaces, and current Elastic Stack releases can also assign a per-space solution view that changes the navigation shown to users inside that space.
Managing spaces requires the current Admin or kibana_admin role, or an equivalent permission set, on Elastic Stack deployments. The API examples below use a direct Kibana endpoint with an API key header, but the same endpoint also accepts basic authentication. Include any configured server.basePath before /api/spaces/space, keep the space id lowercase because Kibana does not let you rename it later, and remember that hiding features in a space does not replace role-based security for the underlying data.
Related: How to delete a Kibana space
Related: How to export Kibana saved objects
Related: How to import Kibana saved objects
Steps to create a Kibana space:
- Set the Kibana URL, optional base path, Spaces API path, API key header, and CA file for the target deployment.
$ export KIBANA_URL="https://kibana.example.net:5601" $ export KIBANA_BASE_PATH="" $ export KIBANA_SPACES_API="$KIBANA_URL$KIBANA_BASE_PATH/api/spaces/space" $ export KIBANA_AUTH_HEADER="Authorization: ApiKey BASE64_ENCODED_API_KEY" $ export KIBANA_CA="/etc/kibana/certs/http-ca.crt"
When Kibana sits behind a reverse proxy prefix such as /kibana, set KIBANA_BASE_PATH so the API path becomes https://kibana.example.net/kibana/api/spaces/space.
Do not add /s/<space_id> to the create request itself, because that path is for later calls that target an existing non-default space.
Use --user user:password in place of --header "$KIBANA_AUTH_HEADER" if the deployment uses basic authentication instead of an API key.
- List the existing spaces and confirm the target id is not already in use.
$ curl --silent --show-error --fail \ --cacert "$KIBANA_CA" \ --header "$KIBANA_AUTH_HEADER" \ "$KIBANA_SPACES_API" | jq '[.[] | {id: .id, name: .name, _reserved: ._reserved}]' [ { "id": "default", "name": "Default", "_reserved": true } ]The id is the short URL identifier Kibana uses in /s/<space_id>/ and current API docs limit it to lowercase letters, numbers, underscores, and hyphens.
Reserved spaces such as default cannot be deleted and should not be reused as the target id for automation.
- Create the space with the API.
$ curl --silent --show-error --fail \ --cacert "$KIBANA_CA" \ --header "$KIBANA_AUTH_HEADER" \ --header "kbn-xsrf: true" \ --header "Content-Type: application/json" \ --request POST "$KIBANA_SPACES_API" \ --data '{ "id": "ops", "name": "Operations", "description": "Operations dashboards, alerts, and saved objects", "initials": "OP", "color": "#1EA593", "solution": "oblt", "disabledFeatures": [] }' | jq '{id: .id, name: .name, initials: .initials, solution: .solution, disabledFeatures: .disabledFeatures}' { "id": "ops", "name": "Operations", "initials": "OP", "solution": "oblt", "disabledFeatures": [] }The kbn-xsrf header is required for non-GET Kibana API requests.
Current Elastic Stack deployments can set solution to search, oblt, security, or classic to control the space navigation. Omit that field if you want Kibana to keep its default solution view.
Disabling features in a space only hides them from the space navigation. It does not remove the user's underlying Kibana or Elasticsearch privileges.
- Fetch the new space by id and confirm Kibana saved the expected settings.
$ curl --silent --show-error --fail \ --cacert "$KIBANA_CA" \ --header "$KIBANA_AUTH_HEADER" \ "$KIBANA_SPACES_API/ops" | jq '{id: .id, name: .name, description: .description, initials: .initials, solution: .solution}' { "id": "ops", "name": "Operations", "description": "Operations dashboards, alerts, and saved objects", "initials": "OP", "solution": "oblt" }The id cannot be renamed later, so this check is the best time to catch a typo before the space collects dashboards, rules, and other saved objects.
- Open the Spaces management page from the navigation menu or by using the global search field and confirm the new space is listed.
Current Elastic Stack deployments on 8.16 and later also show the selected solution view for the space in the UI, so the new entry should match the navigation mode chosen in the API request.
After the space exists, use /s/ops/ in later Kibana URLs and API paths when you want saved objects, rules, or data views to be created inside that space instead of the default space.
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.
