Overview

LAST EDIT Oct 22 2021

Application level settings allow you to configure settings that impact all the channel types in your app. Our backend SDKs make it easy to change the app settings. You can also change most of these using the CLI or the dashboard. Here's an example on changing the disable_auth_checks setting:

A full overview of available settings can be found below:

Permissions

Copied!

The following app settings allow you to control how permissions work for your app:

NAME

DESCRIPTION

DEFAULT

disable_auth_checks

Disabled authentication. Convenient during testing and allows you to use devTokens on the client side. Should not be used in production.

false

disable_permissions_checks

Gives all users full permissions to edit messages, delete them etc. Again not recommended in a production setting, only useful for development.

false

Push

Copied!

NAME

DESCRIPTION

DEFAULT

apn_config

firebase_config

push_config

Hooks

Copied!

Hooks enable you to listen to changes in chat. You can use either webhooks or SQS.

NAME

DESCRIPTION

DEFAULT

webhook_url

This webhook is useful when you want your server application to receive all important events happening in the Stream Chat

-

custom_action_handler_url

This webhook reacts to custom /slash commands and actions on those commands/ MML

-

before_message_send_hook_url

This webhook allows you to modify or moderate message content before sending it to the chat for everyone to see

-

sqs_url

Your SQS url

-

sqs_key

The key for SQS queue

-

sqs_secret

The secret for your SQS queue

-

Moderation & Translation

Copied!

The following settings allow you to control moderation for your chat:

NAME

DESCRIPTION

DEFAULT

image_moderation_labels

Moderation scores returned from the external image moderation API

-

image_moderation_enabled

If image moderation AI should be turned on

-

enforce_unique_usernames

If Stream should enforce username uniqueness. This prevents people from joining the chat as "elonmusk" while "elonmusk" is presenting.

-

auto_translation_enabled

If Stream should automatically translate messages

-

File Uploads

Copied!

You can set restrictions on file uploads by including a file_upload_config object. You can set either an inclusive list using allowed_file_extensions and allowed_mime_types or an exclusive list using blocked_file_extensions and blocked_mime_types.

The file_upload_config object accepts the following fields:

NAME

DESCRIPTION

Example

Default

allowed_file_extensions

An array of file types that the user can submit. Files with an extension that does not match the values in this array will be rejected.

[".tar", ".png", ".jpg"]

-

blocked_file_extensions

An array of file types that the user can submit. Files with an extension that does not match the values in this array will be rejected.

[".tar", ".png", ".jpg"]

-

allowed_mime_types

An array of file MIME types that the user can submit. Files with an MIME type that does not match the values in this array will be rejected. Must follow the type/ subtype pattern.

["text/css", "text/plain", "image/png"]

-

blocked_mime_types

An array of file types that the user can submit. Files with an MIME type that does not match the values in this array will be rejected. Must follow the type/ subtype pattern.

["text/css", "text/plain", "image/png"]

-

For example, the following code shows how to block all attempts to upload any files that are not .csv:

Image Uploads

Copied!

You can set restrictions on file uploads by including an image_upload_config object. You can set either an inclusive list using allowed_file_extensions and allowed_mime_types or an exclusive list using blocked_file_extensions and blocked_mime_types.

The image_upload_config object accepts the following fields:

NAME

DESCRIPTION

Example

Default

allowed_file_extensions

An array of file types that the user can submit. Files with an extension that does not match the values in this array will be rejected.

[".gif", ".png", ".jpg"]

-

blocked_file_extensions

An array of file types that the user can submit. Files with an extension that does not match the values in this array will be rejected.

[".tar", ".tiff", ".jpg"]

-

allowed_mime_types

An array of file MIME types that the user can submit. Files with an MIME type that does not match the values in this array will be rejected. Must follow the type/ subtype pattern.

["image/jpeg", "image/svg+xml", "image/png"]

-

blocked_mime_types

An array of file types that the user can submit. Files with an MIME type that does not match the values in this array will be rejected. Must follow the type/ subtype pattern.

["text/css", "text/plain", "image/tiff"]

-

For example, the following code shows how to block all attempts to upload any files that are not gif, jpeg, or png files:

Stream allowed types for images are: image/bmp, image/gif ,image/jpeg, image/png, image/webp, image/heic, image/heic-sequence, image/heif, image/heif-sequence, image/svg+xml.  Applications can set a more restrictive list, but would not be allowed to set a less restrictive list.