Permissions
Control who can access channels and user metadata in your chat app. Define permission schemas to protect against unauthorized access.
Examples:
- Restrict channel/profile modifications to specific users
- Allow only admins to remove users from channels
Unreal Chat SDK limitations (client-side only):
- Channel membership restrictions (direct, group, public)
- Feature availability errors in public chats (typing indicator, invites, read receipts)
Use Access Manager for strict server-enforced access rules. We recommend Unreal SDK's Access Manager for server-side operations.
Required configuration
- Enable Access Manager in the Admin Portal.
- Initialize Unreal SDK:
- Server: with
Secret Keyto administer permissions
- Server: with
- Initialize Unreal Chat SDK:
- Client: with
Auth Keyto authenticate users
- Client: with
See Moderation for examples.
Secret key security
Never expose Secret Key to clients. If compromised, generate a new one in the Admin Portal.
Use Access Manager
Available Unreal SDK methods:
GrantToken()- Generate time-limited token with access control listRevokeToken()- Disable token and revoke permissionsParseToken()- Decode token to view permissionsSetToken()- Update authentication token
Channel group limitation
Unreal Chat SDK doesn't support channel groups. Set permissions only for channels and users.
Resource permissions
Define operations users can perform on PubNub resources:
| Resource type | Permissions |
|---|---|
channels | read, write, get, manage, update, join, delete |
uuids | get, update, delete |
Read the Moderation documentation to learn how you can mute and ban users in your chat app and secure these restrictions with Access Manager.
Check for permissions
You can use the AccessManager->CanI() method to check if the current user has permissions for particular operations on a specific resource. For more information, refer to Token permissions.