User Roles

LAST EDIT Apr 14 2021

User Roles

Copied!

Stream has user roles to control which permissions end-users and staff members of an application have can use. Stream provides default permissions for 5 different channel types, but these are customizable and custom channel types can be created through the dashboard. Permissions essentially amount to the features and endpoints that a user_id has access to when accessing the Stream API.

Example: a guest user can read a Livestream channel but cannot write to it.
Example: only members of direct message channel should be able to access the channel.

Stream maintains a user role for each user_id at an Application level and a Channel level. This is to allow flexibility and to cover a wider range of use cases.

Application User Roles

Copied!

Role

Description

Permissions

Anonymous

Does not require a JWT and does not require a user_id registered with Stream

Lowest

Guest

Does not require a JWT and has slightly higher permissions than Anonymous users

Low

User

A registered user on the app with a JWT provided by a trusted source (server)

Normal

Admin

A registered user with elevated permissions granted from a trusted source (server)

High

Server-side

Not technically a user role. This is the client instantiated with the app key and secret. This is the highest level of administration and is run on the server

Highest

Neither anonymous nor guest users can be added to channels as members.

Channel User Roles

Copied!

Roles

Description

Permissions

Member

A typical member of a channel and the default user role for an Application User

Normal

Moderator

Elevated permissions on a channel. Granted to channel members through this method

High

Admin

Any Application Admin that is added as a channel member is automatically an Channel Admin

Highest