Skip to main content

đŸ‘Ĩ Role Settings

Configure role-based access control to manage who can perform different actions in your TKI Auth system.

Configuration Overview​

Roles:
  ClientRole: "1354369854840242267"
  ListProducts: ["1354369579144445972"]
  CreateProduct: ["1354369530364825600"]
  DeleteProduct: ["1354369530364825600"]
  # ... more role configurations

Role Categories​

Client Role​

ClientRole​

Type: string | Required: No

The role automatically assigned to users when they receive a license. Users also receive the specific product role.

ClientRole: "1354369854840242267"  # Auto-assigned to license holders
ClientRole: ""                     # Disabled (leave blank)

Benefits:

  • Automatically identifies license holders
  • Provides base permissions for all customers
  • Can be used for customer-only channels/features
  • Simplifies permission management

Product Management Roles​

ListProducts​

Type: array | Required: Yes

Roles that can view the list of all products in the system.

ListProducts: ["1354369579144445972", "1354369530364825600"]

CreateProduct​

Type: array | Required: Yes

Roles that can create new products in the system.

CreateProduct: ["1354369530364825600"]  # Admin only

DeleteProduct​

Type: array | Required: Yes

Roles that can delete existing products and their associated licenses.

DeleteProduct: ["1354369530364825600"]  # Admin only
Destructive Action

Deleting a product also deletes ALL associated licenses. This action cannot be undone.

ChangeVersion​

Type: array | Required: Yes

Roles that can modify product versions.

ChangeVersion: ["1354369530364825600"]  # Admin only

License Management Roles​

ListLicenses​

Type: array | Required: Yes

Roles that can view lists of all licenses in the system.

ListLicenses: ["1354369579144445972"]  # Support staff

CreateLicense​

Type: array | Required: Yes

Roles that can create new licenses for products.

CreateLicense: ["1354369579144445972", "1354369530364825600"]

EditLicense​

Type: array | Required: Yes

Roles that can modify existing license properties (expiry, caps, etc.).

EditLicense: ["1354369530364825600"]  # Admin only

SearchLicense​

Type: array | Required: Yes

Roles that can search for specific licenses by various criteria.

SearchLicense: ["1354369579144445972"]  # Support staff

DeleteLicense​

Type: array | Required: Yes

Roles that can delete individual licenses.

DeleteLicense: ["1354369530364825600"]  # Admin only

Staff License Management​

CreateStaffLicense​

Type: array | Required: Yes

Roles that can create staff licenses (licenses that work for all products).

CreateStaffLicense: ["1368909168320315422"]  # Senior admin only

RemoveStaffLicense​

Type: array | Required: Yes

Roles that can remove staff license privileges.

RemoveStaffLicense: ["1368909168320315422"]  # Senior admin only

EditStaffLicense​

Type: array | Required: Yes

Roles that can edit staff license properties.

EditStaffLicense: ["1368909168320315422"]  # Senior admin only

Blacklist Management​

ListBlacklist​

Type: array | Required: Yes

Roles that can view blacklist entries.

ListBlacklist: ["1354369579144445972"]  # Support staff

CreateBlacklist​

Type: array | Required: Yes

Roles that can add entries to the blacklist (IPs, HWIDs, licenses).

CreateBlacklist: ["1360995434780164156"]  # Moderator level

RemoveBlacklist​

Type: array | Required: Yes

Roles that can remove entries from the blacklist.

RemoveBlacklist: ["1360995434780164156"]  # Moderator level

Example Role Hierarchies​

Small Team Setup​

Roles:
  ClientRole: "123456789"           # @Customer
  ListProducts: ["987654321"]       # @Staff
  CreateProduct: ["987654321"]      # @Staff
  DeleteProduct: ["555666777"]      # @Admin
  ChangeVersion: ["555666777"]      # @Admin
  ListLicenses: ["987654321"]       # @Staff
  CreateLicense: ["987654321"]      # @Staff
  EditLicense: ["555666777"]        # @Admin
  SearchLicense: ["987654321"]      # @Staff
  DeleteLicense: ["555666777"]      # @Admin
  ListBlacklist: ["987654321"]      # @Staff
  CreateBlacklist: ["987654321"]    # @Staff
  RemoveBlacklist: ["987654321"]    # @Staff
  CreateStaffLicense: ["555666777"] # @Admin
  RemoveStaffLicense: ["555666777"] # @Admin
  EditStaffLicense: ["555666777"]   # @Admin

Large Organization Setup​

Roles:
  ClientRole: "111111111"                      # @Customer
  ListProducts: ["222222222", "333333333"]     # @Support, @Manager
  CreateProduct: ["333333333", "444444444"]    # @Manager, @Admin
  DeleteProduct: ["444444444"]                 # @Admin
  ChangeVersion: ["333333333", "444444444"]    # @Manager, @Admin
  ListLicenses: ["222222222", "333333333"]     # @Support, @Manager
  CreateLicense: ["222222222", "333333333"]    # @Support, @Manager  
  EditLicense: ["333333333", "444444444"]      # @Manager, @Admin
  SearchLicense: ["222222222", "333333333"]    # @Support, @Manager
  DeleteLicense: ["444444444"]                 # @Admin
  ListBlacklist: ["222222222", "333333333"]    # @Support, @Manager
  CreateBlacklist: ["555555555", "333333333"]  # @Moderator, @Manager
  RemoveBlacklist: ["555555555", "333333333"]  # @Moderator, @Manager
  CreateStaffLicense: ["666666666"]            # @Senior Admin
  RemoveStaffLicense: ["666666666"]            # @Senior Admin
  EditStaffLicense: ["666666666"]              # @Senior Admin

Security-Focused Setup​

Roles:
  ClientRole: "123456789"
  # Read-only support
  ListProducts: ["111111111"]       # @Support (read-only)
  ListLicenses: ["111111111"]       # @Support (read-only)
  SearchLicense: ["111111111"]      # @Support (read-only)
  ListBlacklist: ["111111111"]      # @Support (read-only)
  
  # License management
  CreateLicense: ["222222222"]      # @License Manager
  EditLicense: ["333333333"]        # @Senior Staff
  DeleteLicense: ["444444444"]      # @Admin
  
  # Product management (admin only)
  CreateProduct: ["444444444"]      # @Admin
  DeleteProduct: ["444444444"]      # @Admin
  ChangeVersion: ["444444444"]      # @Admin
  
  # Security features
  CreateBlacklist: ["555555555"]    # @Security Team
  RemoveBlacklist: ["555555555"]    # @Security Team
  
  # Staff licenses (owner only)
  CreateStaffLicense: ["666666666"] # @Owner
  RemoveStaffLicense: ["666666666"] # @Owner
  EditStaffLicense: ["666666666"]   # @Owner

How to Get Role IDs​

  1. Enable Developer Mode in Discord:

    • User Settings → Advanced → Developer Mode ✅

  2. Get Role ID:

    • Right-click on the role in Server Settings → Roles
    • Select "Copy Role ID"

  3. Alternative Method:

    • Type \@RoleName in any channel
    • The message will show <@&ROLE_ID>
    • Copy the numbers after &

Permission Strategy​

Principle of Least Privilege​

  • Grant only the minimum permissions needed for each role
  • Regularly review and audit role permissions
  • Use separate roles for different functions

Role Hierarchy Recommendations​

  1. Customer/Client - Basic access, view own licenses
  2. Support - View products/licenses, search capabilities
  3. Manager - Create/edit licenses, basic product management
  4. Admin - Full product management, delete capabilities
  5. Senior Admin - Staff license management, system configuration

Common Permission Patterns​

Support Team​

# Can help customers but not modify system
ListProducts: ["support_role_id"]
ListLicenses: ["support_role_id"]
SearchLicense: ["support_role_id"]
ListBlacklist: ["support_role_id"]

License Manager​

# Can manage licenses but not products
ListLicenses: ["license_manager_id"]
CreateLicense: ["license_manager_id"]
SearchLicense: ["license_manager_id"]
EditLicense: ["license_manager_id"]

Product Manager​

# Can manage products and licenses
ListProducts: ["product_manager_id"]
CreateProduct: ["product_manager_id"]
ChangeVersion: ["product_manager_id"]
CreateLicense: ["product_manager_id"]
EditLicense: ["product_manager_id"]

Security Considerations​

Role Separation​

  • Never give all permissions to a single role
  • Separate destructive actions (delete) from creative ones (create)
  • Use different roles for different product lines if needed

Regular Audits​

  • Review role assignments monthly
  • Remove permissions from inactive staff
  • Monitor command usage logs

Troubleshooting​

Common Issues​

Commands not working:

  • Verify role IDs are correct and exist
  • Check that users have the required roles
  • Ensure roles are properly positioned in Discord hierarchy

Permission denied errors:

  • Double-check role ID format (numbers only, no spaces)
  • Verify the role exists in your Discord server
  • Check if the user has the role assigned

Role not being assigned:

  • Verify ClientRole ID is correct
  • Check bot has "Manage Roles" permission
  • Ensure bot's role is higher than the role being assigned
  • Confirm the role exists in the server

Multiple roles not working:

  • Each role ID must be in quotes: ["123", "456"]
  • Separate role IDs with commas
  • Check array syntax is correct

Testing Permissions​

Use these commands to test role configurations:

  1. Test with different users - Have team members test commands
  2. Check role hierarchy - Ensure bot role is positioned correctly
  3. Verify IDs - Double-check all role IDs are accurate
  4. Monitor logs - Watch for permission errors in console

Security Tips​

  1. Limit admin roles - Keep the number of full admins minimal
  2. Use staff licenses carefully - They bypass normal product restrictions
  3. Regular permission reviews - Audit roles monthly
  4. Backup role configs - Keep a record of your role settings