Daedalus Documentation
Permissions Guide
Docschevron_right Guideschevron_right Permissions


Permissions are the way you control what users are and are not able to do on your server. Managing permissions correctly is imperative to prevent abuse and give your members an optimal experience.

However, it can be very difficult to manage them correctly, and even small exploits that don't cause severe problems or damage can still make the server appear disorganized and poorly run.

In this guide, we explain the details behind how permissions interact and are calculated. You can find a list of permissions at the bottom of this page.


Certain actions correspond to a specific channel, and the permissions relating to those can be overridden per-channel. For example, you can control whether or not users can send messages at a per-channel leve.

The priority order of permissions and overrides may not be intuitive. Here's how it's calculated:

  • If the user has a user-level override, it applies.
  • If the user has any role that is allowed by a role-level override, they are allowed.
  • If the user has any role that is denied by a role-level override, they are denied.
  • If there is an @everyone-level override, it applies.
  • If the user has any role that has that permission globally, they are allowed.
  • They are denied.

Crucially, role-level overrides do not follow role hierarchy; rather, if any role allows it, you are allowed, even if a higher role denies it. As such, you should avoid role-level allow overrides when possible as it prevents you from using role-level deny overrides properly in the future.

A common mistake arising from this is with mute roles - if you give a verification role a channel override to be able to speak in a channel, then mute roles no longer work for verified users.

Permissions that are not channel-specific like Ban Users will just check whether or not the user has any role with that permission.

Some permissions will consider other permissions - for example, sending messages first requires the user to be able to view the channel.

How To


Due to the way permissions are calculated (positive role overrides always overrule negative role overrides), you generally want to minimize positive role overrides as much as possible. Note that positive @everyone overrides are fune as role overrides always take priority over those.

How do I set up a verification role?

Most servers have a role that is granted by clicking on the verification prompt to confirm that they have read the rules (and as a trivial filter against bots). Generally, channels will only be visible to verified users.

Make sure you remember that positive overrides you grant the verified role are effectively no longer able to be denied by role-level overrides. Therefore, do not give verified users explicit channel overrides allowing them to send messages if you want mute roles to be able to work.

The best way to make verification roles is to deny @everyone the base permission to view channels and grant it to the verification role globally. Then, all channels will, by default, be visible only to verified users. This way, you don't have to set overrides on every channel blocking @everyone.

If you want a public channel that @everyone can see but only verified users can send messages in, you can do the same and disable sending messages at a global level for @everyone and enable it for the verification role. To then have a public channel that @everyone can send messages in, just use a positive override. Remember that @everyone overrides are always lower priority than role overrides, so this isn't a problem.

Consider using Discord's built-in verification system and just allowing @everyone to see and send messages in all channels! Verification roles offer little to no security anyway. Additionally, most bots/raids consist of user bots spamming server members' DMs, which you would not need to get a verification role to do. However, if you have not passed Discord's built-in verification, it will not let you DM people whose only mutual server with you is that server.

How do I set up access roles?

You may want to lock some channels behind access roles such as reaction roles (e.g. a discussion category that only some users want to see). You will have to use a positive role override in this case. Firstly, deny @everyone permission via an override. Then, grant the access role permission.

The key point is just to avoid enabling any positive overrides except basic access (View Channel).

Consider using Discord's built-in onboarding and community customization features if you have access to it. If members can self-assign the access roles, this makes the process much more streamlined and instead of using overrides, members can just hide channels directly from their community customization.

Note that the above doesn't apply to channels where the role isn't self-assigned, e.g. staff channels. In that case, just use the override method.

What about read-only staff channels?

If you are granting positive overrides to staff members, that is fine. The reason you want to avoid role-level allow overrides is that it prevents you from locking them out via a negative role, but you shouldn't need to mute your staff members, and if so, there is probably more that needs to be done. If really needed, you can just temporarily demote them or time them out.

How do I set up a mute role?

Set an override in every channel that denies permissions you want muted users to be unable to use. We recommend Send Messages, Send Messages in Threads, Add Reactions, and Connect. If you allow your members to create threads, you should also deny that to the mute role.

Consider using Discord's built-in timeouts. There are several advantages - it makes it obvious to the user that they are timed out, lets moderators easily see that they are timed out without other users being able to see, and shows a countdown to the user in their client. There are also disadvantages, most notable that timeouts can only go up to 28 days and they block all permissions except viewing channels and reading message history. This prevents them from reacting, even via adding to existing reactions, and cannot click buttons, making reaction roles inaccessible to them.


The following is a list of all Discord permissions and what they do.

Create Invite CreateInstantInvite link

Allows users to create invite links to the server, which other users can use to join the server. Users do not need this permission to share existing invite links, including the vanity URL, only to create new invites.

This does not allow users to add bots; that requires Manage Server.

Kick Members KickMembers link

Allows users to kick members from the server, instantly removing them from the server but not preventing them from rejoining. This is subject to role hierarchy.

Ban Users BanMembers link

Allows users to ban members from the server, preventing them from rejoining the server and also banning their IP.

Allows users to unban members, allow them to rejoin the server (if they have an invite; unbanning does not re-add members).

Bans are permanent unless revoked. Users who aren't in the server can be banned to prevent them from joining. This is subject to role hierarchy, and non-members are considered underneath everyone.

Administrator Administrator link

Grants users all permissions in the server and in all channels. Also prevents users from being timed out by anyone. This is still subject to role hierarchy, so admins cannot kick/ban anyone not below them and can be kicked/banned by anyone above them.

This is a dangerous permission to grant! Administrators gain permission to do anything - all permissions, as well as access to all channels. They are not immune to moderation except for timeouts, but deny overrides will have no effect on them.

Manage Channels ManageChannels link

Allows users to create, edit, and delete channels. Editing channels includes changing the channel's name, topic, bitrate, video quality, user limit, region, slowmode, auto-archive duration for threads, etc.

This permission does not allow users to edit channel overrides; that is part of Manage Roles.

Manage Server ManageGuild link

Allows users to edit server properties such as the name, icon, banner, etc. Also allows users to add applications to the server (e.g. bots). Also allows users to configure built-in AutoMod and users with this permission always bypass AutoMod.

This does not allow users to delete the server, change the 2FA requirement for moderation, or apply for Discord partnership. Those are only available to the server owner.

Add Reactions AddReactions link

Allows users to add new emoji reactions to messages.

This permission is not needed to add to an existing reaction, e.g. in the case of reaction role prompts. Users who are timed out or have not passed membership screening cannot do this.

Users can always remove their own reactions.

View Audit Log ViewAuditLog link

Allows users to see the audit log which keeps track of moderation and administrative actions for a certain amount of time. They can see all actions, even those that they do not have permission to perform.

Use Priority Speaker PrioritySpeaker link

Allows users to enable Push-To-Talk Priority Speaker mode, which causes all other users in a voice channel to have their volume reduces while the user is using priority mode.

Stream Stream link

Allows users to stream in a voice channel, including screensharing and using the video camera.

View Channel ViewChannel link

Allows users to see channels and see incoming messages while focused on the channel. Users can see category channels if they can see at least one channel in it, and seeing a category does not automatically allow them to see any or all channels in it.

The ability to see messages that were sent when the user was offline or the channel was unfocused is controlled by Read Message History.

Send Messages SendMessages link

Allows users to send messages in text and text-in-voice channels that they can view. Also allows users to create forum posts but not to talk in them.

To talk in threads and forum posts, users need Send Messages in Threads instead.

Send Test-To-Speech Messages SendTTSMessages link

Allows users to use /tts which sends a message that is read aloud to everyone focused on the channel.

Manage Messages ManageMessages link

Allows users to delete other users' messages, pin messages, publish other users' messages in announcement channels, and remove embeds from other users' messages. Except for pinning messages, the other three are always available for one's own messages. This is not subject to role hierarchy.

Embed Links EmbedLinks link

Links that users send will show embeds if possible and the user has not suppressed embeds using <...>. For bots, this is necessary for them to send custom embeds in messages.

Attach Files AttachFiles link

Allows users to upload files in messages they send. This is not limited to images; users can upload most types of files.

Read Message History ReadMessageHistory link

Allows users to view messages in channels that they can view, even if they were not focused on the channel at the time, and allows them to search back through all past messages.

Without this permission, users will see "You do not have permission to view the history of this channel." and will only be able to see messages received by their client while they were in that channel.

Mention <code>@everyone</code>, <code>@here</code>, and All Roles MentionEveryone link

Allows users to use @everyone to ping all server members who can see the channel, @here to ping all online members who can see the channel, and ping any role regardless of if it has the "Allow anyone to @mention this role" setting enabled. This is not subject to role hierarchy.

Use External Emoji UseExternalEmojis link

Allows users to use emoji from other servers in messages and reactions (if they have Nitro or are a bot).

View Server Insights ViewGuildInsights link

Allows users to see the server insights page, which provides information about server health, members joining and leaving, which invites they are using, member retention, participant message count, etc.

Connect Connect link

Allows users to join voice and stage channels that they can see. Being able to speak is controlled by Speak but they can listen unless deafened.

Speak Speak link

Allows users to speak in voice channels that they are connected to. This does not allow users to speak in stage channels; stage moderators are appointed separately per stage channel (via the channel permission settings) and choose who is allowed to speak.

Mute Members MuteMembers link

Allows users to force-mute users (including themselves), preventing them from speaking in any channel regardless of if they have the Speak permission. Also allows users to undo force-mutes, including on themselves. Users who have muted themselves cannot be muted by anyone else. This is not subject to role hierarchy.

Deafen Members DeafenMembers link

Allows users to force-deafen users (including themselves), preventing them from hearing what is happening in voice or stage channels. Also allows users to undo force-deafens, including on themselves. Users who have deafened themselves cannot be undeafened by anyone else. This is not subject to role hierarchy.

Unlike how self-deafening works, a user can be force-deafened but still allowed to speak. This can be used to disable music bots' ability to hear, which is useful if you are concerned about spying.

Move Members MoveMembers link

Allows users to move members who are already in a voice channel in this server into another voice channel. The user performing this action must have [[Connect]] in the target channel, but the target user does not need to be able to see or join it on their own. Users cannot be connected by another user and can never be moved between servers even if the user has this permission in both servers. This is not subject to role hierarchy.

Use Voice Activity Detection UseVAD link

Allows users to use voice activity detection mode. Without this permission, users can only use Push-To-Talk.

Change Nickname ChangeNickname link

Allows users to change their own nickname.

Manage Nicknames ManageNicknames link

Allows users to change other members' nicknames. This is subject to role hierarchy.

Manage Roles ManageRoles link

Allows users to create, edit, delete, add, and remove roles that are below them in role hierarchy (however, adding/removing roles can be done to members above them in hierarchy).

Allows users to edit channel overrides for roles that are below them and permissions that they have.

Manage Webhooks ManageWebhooks link

Allows users to create, edit, and delete webhooks, as well as view a list of webhooks and get their URLs.

Manage Emoji and Stickers ManageEmojisAndStickers link

Allows users to upload, rename, and delete emojis and stickers. Also allows bots to control which roles can use emojis, which is a little-known feature that isn't very useful and isn't supported by most bots.

Use Application Commands UseApplicationCommands link

Allows users to use slash commands and context menu commands (right clicking a message or user and selecting "Apps").

This permission is not needed for the bot to support application commands; that is the application.commands scope set when inviting the bot. If you are not seeing a bot's commands and you gave it this scope, you likely have too many bots; if you have over 50 bots, some will no longer be able to register commands.

In fact, this permission currently does nothing for bots.

Request to Speak RequestToSpeak link

Allows users to request to become a speaker in stage channels, which can be approved or denied by stage moderators.

Manage Events ManageEvents link

Allows users to create, edit, and delete server events, including starting and ending them.

Manage Threads ManageThreads link

Allows users to edit, archive, unarchive, lock, unlock, and delete threads and view all private threads.

Create Public Threads CreatePublicThreads link

Allows users to create public threads (threads that all users can see).

Create Private Threads CreatePrivateThreads link

Allows users to create private threads, which can only be seen by users with Manage Threads and users who are explicitly invited to the thread.

Use External Stickers UseExternalStickers link

Allows users to send messages with stickers from other servers.

Send Messages in Threads SendMessagesInThreads link

Allows users to send messages in threads and forum posts.

To create forum posts and talk in text and text-in-voice channels, users need Send Messages.

Use Activities UseEmbeddedActivities link

Allows users to use activities such as YouTube's Watch Together in voice channels.

Timeout Members ModerateMembers link

Allows users to timeout other members, disabling all permissions except [[ViewChannel]] and [[ReadMessageHistory]]. Some other features like adding to existing reactions or using message components (buttons and dropdowns) are also disabled.

Users with Administrator cannot be timed out. If a user is timed out and gains the permission, their timeout will be canceled. Even if an administrator could be timed out, it would take no effect.