React
iOS
Android
Flutter
Angular
JavaScript
Unity
Unreal
Node
Python
Ruby
PHP
Java
.NET
Go
REST// disable auth checks, allows dev token usage
await client.updateAppSettings({
disable_auth_checks: true,
});
// re-enable auth checks
await client.updateAppSettings({
disable_auth_checks: false,
});Overview
Application level settings allow you to configure settings that impact all the channel types in your app. Our backend SDKs make it easy to change the app settings. You can also change most of these using the CLI or the dashboard. Here’s an example on changing the disable_auth_checks setting:
# disable auth checks, allows dev token usage
client.update_app_settings(disable_auth_checks=True)
# re-enable auth checks
client.update_app_settings(disable_auth_checks=False)// disable auth checks, allows dev token usage
$update = $client->updateAppSettings([
'disable_auth_checks' => true
]);
// re-enable auth checks
$update = $client->updateAppSettings([
'disable_auth_checks' => false
]);// disable auth checks, allows dev token usage
settings := NewAppSettings().SetDisableAuth(true)
err = client.UpdateAppSettings(settings)
if err != nil {
log.Fatalf("Err: %v", err)
}
// re-enable auth checks
err = client.UpdateAppSettings(NewAppSettings().SetDisableAuth(false))
if err != nil {
log.Fatalf("Err: %v", err)
}# disable auth checks, allows dev token usage
client.update_app_settings({ 'disable_auth_checks' => true })
# re-enable auth checks
client.update_app_settings({ 'disable_auth_checks' => false })await appClient.UpdateAppSettingsAsync(new AppSettingsRequest
{
DisableAuth = true,
});
// re-enable auth checks
await appClient.UpdateAppSettingsAsync(new AppSettingsRequest
{
DisableAuth = false,
});// disable auth checks, allows dev token usage
App.update().disableAuthChecks(true).request();
// re-enable auth checks
App.update().disableAuthChecks(false).request();// This is a server-side only feature, choose any of our server-side SDKs to use itA full overview of available settings can be found below:
Permissions
The following app settings allow you to control how permissions work for your app:
| NAME | DESCRIPTION | DEFAULT |
|---|---|---|
| disable_auth_checks | Disabled authentication. Convenient during testing and allows you to use devTokens on the client side. Should not be used in production. | false |
| disable_permissions_checks | Gives all users full permissions to edit messages, delete them etc. Again not recommended in a production setting, only useful for development. | false |
Push
CDN
| NAME | DESCRIPTION | DEFAULT |
|---|---|---|
| cdn_expiration_seconds | CDN URL expiration time. See details. | 1209600 (14 days) |
Hooks
Hooks enable you to listen to changes in chat. You can use either webhooks or SQS.
| NAME | DESCRIPTION | DEFAULT |
|---|---|---|
| webhook_url | This webhook is useful when you want your server application to receive all important events happening in the Stream Chat | - |
| custom_action_handler_url | This webhook reacts to custom /slash commands and actions on those commands/ MML | - |
| before_message_send_hook_url | This webhook allows you to modify or moderate message content before sending it to the chat for everyone to see | - |
| sqs_url | Your SQS url | - |
| sqs_key | The key for SQS queue | - |
| sqs_secret | The secret for your SQS queue | - |
Moderation & Translation
The following settings allow you to control moderation for your chat:
| NAME | DESCRIPTION | DEFAULT |
|---|---|---|
| image_moderation_labels | Moderation scores returned from the external image moderation API | - |
| image_moderation_enabled | If image moderation AI should be turned on | - |
| enforce_unique_usernames | If Stream should enforce username uniqueness. This prevents people from joining the chat as “elonmusk” while “elonmusk” is presenting. | - |
| auto_translation_enabled | If Stream should automatically translate messages | - |
| async_url_enrich_enabled | If url enrichment should be done async. It will trigger message.updated event | - |
File Uploads
You can set restrictions on file uploads by including a file_upload_config object. You can set either an inclusive list using allowed_file_extensions and allowed_mime_types or an exclusive list using blocked_file_extensions and blocked_mime_types.
The file_upload_config object accepts the following fields:
| NAME | DESCRIPTION | Example | Default |
|---|---|---|---|
| allowed_file_extensions | An array of file types that the user can submit. Files with an extension that does not match the values in this array will be rejected. | [“.tar”, “.png”, “.jpg”] | - |
| blocked_file_extensions | An array of file types that the user can submit. Files with an extension that does not match the values in this array will be rejected. | [“.tar”, “.png”, “.jpg”] | - |
| allowed_mime_types | An array of file MIME types that the user can submit. Files with an MIME type that does not match the values in this array will be rejected. Must follow the type/ subtype pattern. | [“text/css”, “text/plain”, “image/png”] | - |
| blocked_mime_types | An array of file types that the user can submit. Files with an MIME type that does not match the values in this array will be rejected. Must follow the type/ subtype pattern. | [“text/css”, “text/plain”, “image/png”] | - |
| size_limit | A number that represents the maximum accepted file size in bytes. In case its 0 the default maximum is used. | 10485760 | 0 |
For example, the following code shows how to block all attempts to upload any files that are not.csv:
// Only accept .CSV files
await client.updateAppSettings({
file_upload_config: {
allowed_file_extensions: [".csv"],
allowed_mime_types: ["text/csv"]
});# Only accept .CSV files
client.update_app_settings({
"file_upload_config": {
"allowed_file_extensions": [".csv"],
"allowed_mime_types": ["text/csv"],
}})$settings = ["file_upload_config" => [
"allowed_file_extensions" => [".csv"],
"allowed_mime_types" => ["text/csv"]
]
]
client->updateAppSettings($settings);settings := &AppSettings{FileUploadConfig: &FileUploadConfig{
AllowedFileExtensions: []string{".csv"},
AllowedMimeTypes: []string{"text/csv"},
}}
resp, err = client.UpdateAppSettings(ctx, settings)client.update_app_settings({
'file_upload_config' => {
'allowed_file_extensions' => ['.csv'],
'allowed_mime_types' => ['text/csv']
}
})await appClient.UpdateAppSettingsAsync(new AppSettingsRequest
{
FileUploadConfig = new FileUploadConfig
{
AllowedFileExtensions = new List<string> { ".csv" },
AllowedMimeTypes = new List<string> { "text/csv" },
},
});var cfg = App.FileUploadConfigRequestObject
.builder()
.allowedFileExtensions(List.of(".csv"))
.allowedMimeTypes("text/csv")
.build();
App.update().fileUploadConfig(cfg).request();// This is a server-side only feature, choose any of our server-side SDKs to use itImage Uploads
You can set restrictions on file uploads by including an image_upload_config object. You can set either an inclusive list using allowed_file_extensions and allowed_mime_types or an exclusive list using blocked_file_extensions and blocked_mime_types.
The image_upload_config object accepts the following fields:
| NAME | DESCRIPTION | Example | Default |
|---|---|---|---|
| allowed_file_extensions | An array of file types that the user can submit. Files with an extension that does not match the values in this array will be rejected. | [“.gif”, “.png”, “.jpg”] | - |
| blocked_file_extensions | An array of file types that the user can submit. Files with an extension that does not match the values in this array will be rejected. | [“.tar”, “.tiff”, “.jpg”] | - |
| allowed_mime_types | An array of file MIME types that the user can submit. Files with an MIME type that does not match the values in this array will be rejected. Must follow the type/ subtype pattern. | [“image/jpeg”, “image/svg+xml”, “image/png”] | - |
| blocked_mime_types | An array of file types that the user can submit. Files with an MIME type that does not match the values in this array will be rejected. Must follow the type/ subtype pattern. | [“text/css”, “text/plain”, “image/tiff”] | - |
| size_limit | A number that represents the maximum accepted file size in bytes. In case its 0 the default maximum is used. | 10485760 | 0 |
For example, the following code shows how to block all attempts to upload any files that are not gif, jpeg, or png files:
// Only accept gif, jpeg, or png files.
await client.updateAppSettings({
image_upload_config: {
allowed_file_extensions: [".gif", ".jpeg", ".png"],
allowed_mime_types: ["image/gif", "image/jpeg", "image/png"]
});# Only accept gif, jpeg, or png files.
client.update_app_settings({
"image_upload_config": {
"allowed_file_extensions": [".gif", ".jpeg", ".png"],
"allowed_mime_types": ["image/gif", "image/jpeg", "image/png"],
}})$settings = ["image_upload_config" => [
"allowed_file_extensions" => [".gif", ".jpeg", ".png"],
"allowed_mime_types" => ["image/gif", "image/jpeg", "image/png"]
]
]
client->updateAppSettings($settings);settings := &AppSettings{ImageUploadConfig: &FileUploadConfig{
AllowedFileExtensions: []string{".gif", ".jpeg", ".png"},
AllowedMimeTypes: []string{"image/gif", "image/jpeg", "image/png"},
}}
resp, err = client.UpdateAppSettings(ctx, settings)client.update_app_settings({
'file_upload_config' => {
'allowed_file_extensions' => ['.gif', '.jpeg', '.png'],
'allowed_mime_types' => ['image/gif', 'image/jpeg', 'image/png']
}
})await appClient.UpdateAppSettingsAsync(new AppSettingsRequest
{
ImageUploadConfig = new FileUploadConfig
{
AllowedFileExtensions = new List<string> { ".gif", ".jpeg", ".png" },
AllowedMimeTypes = new List<string> { "image/gif", "image/jpeg", "image/png" },
},
});var cfg = App.FileUploadConfigRequestObject
.builder()
.allowedFileExtensions(List.of(".gif", ".jpeg", ".png"))
.allowedMimeTypes("image/gif", "image/jpeg", "image/png")
.build();
App.update().imageUploadConfig(cfg).request();// This is a server-side only feature, choose any of our server-side SDKs to use itStream allowed types for images are: image/bmp, image/gif, image/jpeg, image/png, image/webp, image/heic, image/heic-sequence, image/heif, image/heif-sequence, image/svg+xml. Applications can set a more restrictive list, but would not be allowed to set a less restrictive list.