Permission Policies

Last Edit: Mar 03 2020

If applicable, ownership of the entity is taken into account. This parameter allows you to grant users the ability to edit their own messages while denying editing others’ messages. Permission policies are organized as list ordered by priority. A permission policy has the following fields:

Channel Type

The channel the policy applies to.


The unique name for the policy (eg. "Channel member permissions").


The list of API resources the policy applies to. Policies can match one or more resources via their name or any resource by using the wildcard resource value “*”.


The list of roles the policy applies to. This value can be empty in the case the user role is not going to be taken into account.


Whether the policy should be applied to requested that alter an object owned by the requesting user. This field is either true or false.


The action to apply to the API request once resources, roles, and action fields are matching. The two allowed values are: Allow and Deny.


The priority of the policy. Policies are evaluated ordered by their priority, this field allows you to create a stable order.