// disable auth checks, allows dev token usage
await client.updateAppSettings({
disable_auth_checks: true,
});
// re-enable auth checks
await client.updateAppSettings({
disable_auth_checks: false,
});
Overview
Application level settings allow you to configure settings that impact all the channel types in your app. Our backend SDKs make it easy to change the app settings. You can also change most of these using the CLI or the dashboard. Here’s an example on changing the disable_auth_checks setting:
# disable auth checks, allows dev token usage
client.update_app_settings(disable_auth_checks=True)
# re-enable auth checks
client.update_app_settings(disable_auth_checks=False)
// disable auth checks, allows dev token usage
$update = $client->updateAppSettings([
'disable_auth_checks' => true
]);
// re-enable auth checks
$update = $client->updateAppSettings([
'disable_auth_checks' => false
]);
// disable auth checks, allows dev token usage
settings := NewAppSettings().SetDisableAuth(true)
err = client.UpdateAppSettings(settings)
if err != nil {
log.Fatalf("Err: %v", err)
}
// re-enable auth checks
err = client.UpdateAppSettings(NewAppSettings().SetDisableAuth(false))
if err != nil {
log.Fatalf("Err: %v", err)
}
# require 'stream-chat'
# disable auth checks, allows dev token usage
client.update_app_settings({ 'disable_auth_checks' => true })
# re-enable auth checks
client.update_app_settings({ 'disable_auth_checks' => false })
await appClient.UpdateAppSettingsAsync(new AppSettingsRequest
{
DisableAuth = true,
});
// re-enable auth checks
await appClient.UpdateAppSettingsAsync(new AppSettingsRequest
{
DisableAuth = false,
});
// disable auth checks, allows dev token usage
App.update().disableAuthChecks(true).request();
// re-enable auth checks
App.update().disableAuthChecks(false).request();
// This is a server-side only feature, choose any of our server-side SDKs to use it
A full overview of available settings can be found below:
Permissions
The following app settings allow you to control how permissions work for your app:
NAME | DESCRIPTION | DEFAULT |
---|---|---|
disable_auth_checks | Disabled authentication. Convenient during testing and allows you to use devTokens on the client side. Should not be used in production. | false |
disable_permissions_checks | Gives all users full permissions to edit messages, delete them etc. Again not recommended in a production setting, only useful for development. | false |
Push
CDN
NAME | DESCRIPTION | DEFAULT |
---|---|---|
cdn_expiration_seconds | CDN URL expiration time. See details. | 1209600 (14 days) |
Hooks
Custom Action Handler and Before Message Send Webhooks
NAME | DESCRIPTION | DEFAULT |
---|---|---|
custom_action_handler_url | This webhook reacts to custom /slash commands and actions on those commands/ | - |
before_message_send_hook_url | This webhook allows you to modify or moderate message content before sending it to the chat for everyone to see | - |
Webhooks, SQS, SNS, and pending messages
Webhooks, SQS, SNS, and pending messages async moderation now use the event_hooks
array configuration. See the Multi-Event Hooks documentation for complete details.
Moderation & Translation
The following settings allow you to control moderation for your chat:
NAME | DESCRIPTION | DEFAULT |
---|---|---|
image_moderation_labels | Moderation scores returned from the external image moderation API | - |
image_moderation_enabled | If image moderation AI should be turned on | - |
enforce_unique_usernames | If Stream should enforce username uniqueness. This prevents people from joining the chat as “elonmusk” while “elonmusk” is presenting. | - |
auto_translation_enabled | If Stream should automatically translate messages | - |
async_url_enrich_enabled | If url enrichment should be done async. It will trigger message.updated event | - |
File Uploads
You can set restrictions on file uploads by including a file_upload_config
object. You can set either an inclusive list using allowed_file_extensions
and allowed_mime_types
or an exclusive list using blocked_file_extensions
and blocked_mime_types
.
The file_upload_config
object accepts the following fields:
NAME | DESCRIPTION | Example | Default |
---|---|---|---|
allowed_file_extensions | An array of file types that the user can submit. Files with an extension that does not match the values in this array will be rejected. | [“.tar”, “.png”, “.jpg”] | - |
blocked_file_extensions | An array of file types that the user can submit. Files with an extension that does not match the values in this array will be rejected. | [“.tar”, “.png”, “.jpg”] | - |
allowed_mime_types | An array of file MIME types that the user can submit. Files with an MIME type that does not match the values in this array will be rejected. Must follow the type/ subtype pattern. | [“text/css”, “text/plain”, “image/png”] | - |
blocked_mime_types | An array of file types that the user can submit. Files with an MIME type that does not match the values in this array will be rejected. Must follow the type/ subtype pattern. | [“text/css”, “text/plain”, “image/png”] | - |
size_limit | A number that represents the maximum accepted file size in bytes. In case its 0 the default maximum is used. | 10485760 | 0 |
For example, the following code shows how to block all attempts to upload any files that are not .csv:
// Only accept .CSV files
await client.updateAppSettings({
file_upload_config: {
allowed_file_extensions: [".csv"],
allowed_mime_types: ["text/csv"]
});
# Only accept .CSV files
client.update_app_settings({
"file_upload_config": {
"allowed_file_extensions": [".csv"],
"allowed_mime_types": ["text/csv"],
}})
$settings = ["file_upload_config" => [
"allowed_file_extensions" => [".csv"],
"allowed_mime_types" => ["text/csv"]
]
]
client->updateAppSettings($settings);
settings := &AppSettings{FileUploadConfig: &FileUploadConfig{
AllowedFileExtensions: []string{".csv"},
AllowedMimeTypes: []string{"text/csv"},
}}
resp, err = client.UpdateAppSettings(ctx, settings)
client.update_app_settings({
'file_upload_config' => {
'allowed_file_extensions' => ['.csv'],
'allowed_mime_types' => ['text/csv']
}
})
await appClient.UpdateAppSettingsAsync(new AppSettingsRequest
{
FileUploadConfig = new FileUploadConfig
{
AllowedFileExtensions = new List<string> { ".csv" },
AllowedMimeTypes = new List<string> { "text/csv" },
},
});
var cfg = App.FileUploadConfigRequestObject
.builder()
.allowedFileExtensions(List.of(".csv"))
.allowedMimeTypes("text/csv")
.build();
App.update().fileUploadConfig(cfg).request();
// This is a server-side only feature, choose any of our server-side SDKs to use it
Image Uploads
You can set restrictions on file uploads by including an image_upload_config
object. You can set either an inclusive list using allowed_file_extensions
and allowed_mime_types
or an exclusive list using blocked_file_extensions
and blocked_mime_types
.
The image_upload_config
object accepts the following fields:
NAME | DESCRIPTION | Example | Default |
---|---|---|---|
allowed_file_extensions | An array of file types that the user can submit. Files with an extension that does not match the values in this array will be rejected. | [“.gif”, “.png”, “.jpg”] | - |
blocked_file_extensions | An array of file types that the user can submit. Files with an extension that does not match the values in this array will be rejected. | [“.tar”, “.tiff”, “.jpg”] | - |
allowed_mime_types | An array of file MIME types that the user can submit. Files with an MIME type that does not match the values in this array will be rejected. Must follow the type/ subtype pattern. | [“image/jpeg”, “image/svg+xml”, “image/png”] | - |
blocked_mime_types | An array of file types that the user can submit. Files with an MIME type that does not match the values in this array will be rejected. Must follow the type/ subtype pattern. | [“text/css”, “text/plain”, “image/tiff”] | - |
size_limit | A number that represents the maximum accepted file size in bytes. In case its 0 the default maximum is used. | 10485760 | 0 |
For example, the following code shows how to block all attempts to upload any files that are not gif, jpeg, or png files:
// Only accept gif, jpeg, or png files.
await client.updateAppSettings({
image_upload_config: {
allowed_file_extensions: [".gif", ".jpeg", ".png"],
allowed_mime_types: ["image/gif", "image/jpeg", "image/png"]
});
# Only accept gif, jpeg, or png files.
client.update_app_settings({
"image_upload_config": {
"allowed_file_extensions": [".gif", ".jpeg", ".png"],
"allowed_mime_types": ["image/gif", "image/jpeg", "image/png"],
}})
$settings = ["image_upload_config" => [
"allowed_file_extensions" => [".gif", ".jpeg", ".png"],
"allowed_mime_types" => ["image/gif", "image/jpeg", "image/png"]
]
]
client->updateAppSettings($settings);
settings := &AppSettings{ImageUploadConfig: &FileUploadConfig{
AllowedFileExtensions: []string{".gif", ".jpeg", ".png"},
AllowedMimeTypes: []string{"image/gif", "image/jpeg", "image/png"},
}}
resp, err = client.UpdateAppSettings(ctx, settings)
client.update_app_settings({
'file_upload_config' => {
'allowed_file_extensions' => ['.gif', '.jpeg', '.png'],
'allowed_mime_types' => ['image/gif', 'image/jpeg', 'image/png']
}
})
await appClient.UpdateAppSettingsAsync(new AppSettingsRequest
{
ImageUploadConfig = new FileUploadConfig
{
AllowedFileExtensions = new List<string> { ".gif", ".jpeg", ".png" },
AllowedMimeTypes = new List<string> { "image/gif", "image/jpeg", "image/png" },
},
});
var cfg = App.FileUploadConfigRequestObject
.builder()
.allowedFileExtensions(List.of(".gif", ".jpeg", ".png"))
.allowedMimeTypes("image/gif", "image/jpeg", "image/png")
.build();
App.update().imageUploadConfig(cfg).request();
// This is a server-side only feature, choose any of our server-side SDKs to use it
Stream allowed types for images are: image/bmp
, image/gif
, image/jpeg
, image/png
, image/webp
, image/heic
, image/heic-sequence
, image/heif
, image/heif-sequence
, image/svg+xml
. Applications can set a more restrictive list, but would not be allowed to set a less restrictive list.
User’s Average Response Time
The User Average Response Time feature enables users to view the average response time of other users in their public profiles. This metric helps set expectations for communication responsiveness, which is particularly valuable in marketplace applications where prompt responses are important for successful transactions.
Configuration
To enable user response time tracking, set the user_response_time_enabled
setting to true
:
// Enable user response time tracking
await client.updateAppSettings({
user_response_time_enabled: true,
});
# Enable user response time tracking
client.update_app_settings(user_response_time_enabled=True)
// Enable user response time tracking
$update = $client->updateAppSettings([
'user_response_time_enabled' => true
]);
// Enable user response time tracking
settings := NewAppSettings().SetUserResponseTimeEnabled(true)
err = client.UpdateAppSettings(settings)
if err != nil {
log.Fatalf("Err: %v", err)
}
# Enable user response time tracking
client.update_app_settings({ 'user_response_time_enabled' => true })
// Enable user response time tracking
await appClient.UpdateAppSettingsAsync(new AppSettingsRequest
{
UserResponseTimeEnabled = true,
});
// Enable user response time tracking
App.update().userResponseTimeEnabled(true).request();
// This is a server-side only feature, choose any of our server-side SDKs to use it
Once enabled, the avg_response_time
field will be included in user responses and displayed in user profiles.
Use Cases
Marketplace Applications
- Buyers can see how quickly sellers typically respond before initiating contact
- Marketplaces can highlight responsive sellers with badges or sorting options
- Customer support teams can identify and reward highly responsive users
Service Platforms
- Service providers can demonstrate their responsiveness to potential clients
- Users can select service providers based on communication expectations
Customer Support Applications
- Display agent responsiveness to help manage customer expectations
- Create internal leaderboards based on response times
How It Works
- The system tracks the time between replies in a channel and when they respond
- When a user sends a new message that isn’t the first in a channel, the system calculates a new average
- This data is then displayed in the user’s public profile or returned in the
avg_response_time
field