Roles and permissions are integral to managing access in any digital workspace. Rocket.Chat employs a comprehensive role-based system for secure and efficient workspace management. This system allows administrators to assign roles, each with a specific set of , to control user actions and access levels within the workspace.
A Rocket.Chat administrator has the Admin role, which gives full access to the entire Rocket.Chat workspace. They can manage both Workspace Administration and Omnichannel settings.
Rocket.Chat users can have one or more roles, allowing them to perform the various actions granted by the Role's permissions.
user
bot
guest
anonymous
Unauthenticated visitors on your Rocket.Chat workspace. Anonymous users do not have a specified username.
app
Owner
Leader
A channel Leader gets pinned on the top of a channel and can receive 1:1 messages from other channel users.
Moderator
Moderators can manage messages, delete messages, and ban users from a specific channel.
auditor
auditor-log
Livechat Agent
Livechat Manager
livechat-monitor
There are three different roles within a Publisher, which include the following:
The Owner role is applied whenever someone creates a publisher. Each of the subsequent roles only applies to people they have invited.
The owner has permission to manage everything on the publisher dashboard. It includes managing both Apps and other Users.
To change the role of another user,
Click Change Role from the Actions dropdown across the user in question
Select the desired Role to change
A user with the developer role can read everything and update Apps.
The viewer role can read everything but can.t update anything.
Rocket.Chat's role-based system provides a robust and flexible mechanism for managing access to resources and features within a workspace. By offering a variety of predefined roles and the ability to create custom roles, Rocket.Chat ensures that workspace administrators can effectively control and limit user actions.
The user role is the most common in Rocket.Chat. It serves as a standard role for all members of a Rocket.Chat workspace. Users can join , send messages, upload files, and participate in all forms of communication.
are automated users that can be programmed to perform specific tasks, such as sending messages, answering questions, and triggering notifications.
Guest users are users with limited access to your Rocket.Chat workspace. They can take participate only in they're a part of.
Automated users that are used by Rocket.Chat Apps from the
A owner is a user designated as the owner of a specific channel. The channel owner can manage the channel, including controlling access to joining the channel, editing channel settings, and managing messages within the channel.
It allows a user to view and within the workspace. Users with auditor roles alone cannot send messages.
The auditor-log role allows a user to see with timestamps and by whom. Users with just the auditor-log role cannot send messages.
roles allow users to interact with or manage various Omnichannel features.
Live Chat handle visitors' inquiries and support requests through .
Live Chat can manage Livechat and all other features.
Users with the livechat-monitor role can view and Live Chat interactions and analytics.
You can create and manage custom roles with specified permissions tailored to your needs. To learn more, see .
Internally, we have two roles for ; one within the publisher and the second within the system. Henceforth, they're known as publisher roles and system roles.
See to learn more about the role scopes in Rocket.Chat.