Roles and permissions overview
Control what members can see and do in your community.
What are roles and permissions?
Permissions are individual abilities, like "send messages" or "ban members."
Roles are named bundles of permissions that you assign to members. Instead of configuring permissions for each member individually, you create roles that represent different responsibilities.
Access rules control which roles and members can see specific channels and channel groups. They connect your permission structure to your channel structure.
Together, these three concepts let you:
- Prevent mistakes (like a new member accidentally deleting a channel)
- Let trusted members help run and protect the community
- Create private spaces for specific groups
How roles and permissions work together
Permissions are organized into categories:
| Category | Examples |
|---|---|
| Community | Manage Community, View Action Log |
| Members | Invite Users, Remove Members, Manage Bans |
| Channels | Full Control (Channel), Create Channel Groups |
| Messages | Send Messages, Delete Messages, Manage Pinned Messages |
| Files | View Files, Upload Files, Manage Files |
| Voice and Video | Stream Audio, Mute Microphones, Kick Voice Member |
For the complete list, see Permission reference.
Roles bundle these permissions together. Every community starts with two roles:
| Role | Purpose |
|---|---|
| EVERYONE | Assigned to all members automatically. Sets baseline permissions. |
| Admin | Full control. Assigned to the community creator. |
Members can have multiple roles. When they do, Root grants a permission if any of their roles allows it.
Access rules then determine where those permissions apply. A member might have the "Send Messages" permission from their role, but they can only use it in channels where they have an access rule granting visibility. For details on how these pieces combine, see Permission calculation.
What is a member's primary role?
A member's primary role is the role that determines their display color in the community. Members with only the EVERYONE role display in that role's color. When a member is assigned a custom role, it becomes their primary role. If a member has multiple roles, a leader with the Manage Roles permission can change which one is primary.
Changing the primary role is purely visual — it does not change what the member can do. The EVERYONE role cannot be manually set as primary.
When to configure roles and permissions
Create a new role when:
- A group of members needs different permissions than the default
- You want to delegate responsibilities (moderators, team leads)
- You need to identify members visually (roles can have colors)
Use access rules when:
- You need private channels visible only to certain roles
- A channel needs different permissions than normal (like a read-only announcements channel)
- You want to grant access to a specific member without creating a role
Start simple. New communities rarely need complex permission structures. Begin with the default roles and add more as your community grows and needs become clear.