Permissions
Discord permissions
When you add Volvox.Bot to your server, the default invite requests these permissions:| Permission | Why it’s needed |
|---|---|
| Kick Members | Moderation actions |
| Ban Members | Moderation actions |
| Manage Channels | Create and permission-lock channel-mode support tickets |
| View Channels | Access channels for logging and AI conversations |
| Send Messages | Bot responses, notifications |
| Manage Messages | Auto-mod message deletion |
| Read Message History | Access prior messages for AI context and search |
| Moderate Members | Moderation timeouts |
Volvox.Bot only uses permissions when performing an action. It doesn’t read or store messages unless a feature requires it.
Channel-mode tickets require Manage Channels because Discord treats creating the ticket channel and applying its private permission overwrites as channel management.
Optional role permissions
Welcome verification and level-up role rewards require Discord role management to succeed. The bot’s highest role must be above any role it assigns or removes. If a role workflow fails, check Discord’s role hierarchy before changing Volvox.Bot settings.Dashboard access
Discord roles control dashboard access. By default, server owners and users with the Administrator permission can manage dashboard settings for their server. When you first open the dashboard, the server picker only exposes settings management actions for servers where you’re the owner or an admin. Those cards show Manage when Volvox.Bot is already installed and Add Bot when it still needs to be invited. Moderator-only and viewer-only servers stay read-only and don’t expose settings or invite controls. Configure Volvox.Bot’s admin and moderator role IDs in Settings -> Moderation & Safety -> Permissions. Viewer access is derived from membership and is not a configurable role picker:- Owner — Server owners always get full admin access, regardless of role permissions.
- Admin — Full access to all dashboard features, including settings (granted by the Administrator Discord permission or admin role).
- Moderator — Can act on moderation and tickets where the dashboard or Discord command allows it, but can’t open or change server settings on the dashboard. Promote a moderator to admin if they need to edit configuration.
- Viewer — Read-only member-level access. Viewer access does not expose server settings.
Only owners and admins can open the settings dashboard for a server. If a moderator needs to update configuration, an owner or admin must either make the change for them or grant them the Administrator Discord permission.
Per-feature permissions
You can restrict commands to permission levels through Settings -> Moderation & Safety -> Permissions. Prefix commands and slash commands use the same permission checks.Permissions settings
The Permissions settings tab at/dashboard/settings/moderation-safety?tab=permissions controls dashboard admin roles, moderator roles, and per-command permission levels for prefix commands and slash commands.
Global admin access
Some dashboard pages expose infrastructure-level data that isn’t tied to a single server. Only global admins — operators of the Volvox.Bot deployment itself, not server admins — can access these pages.What requires global admin
Only global admins can access the following dashboard pages and APIs:- Performance (
/dashboard/performance) — Bot uptime, latency, and resource trends across all servers. - Logs (
/dashboard/logs) — Live log stream across all servers, server/channel filtering controls, and the underlying log-stream WebSocket ticket endpoint. Self-hosted dashboards needBOT_PUBLIC_URLset to the public bot origin so the browser can reach/ws/logs.
Self-hosted deployments with separate web and bot services need
BOT_PUBLIC_URL set to the public HTTPS bot origin for live Logs. Keep BOT_API_URL private for server-side dashboard proxy calls.Configuring global admins
Set global admins via theBOT_OWNER_IDS environment variable on the server running the bot and dashboard. Provide a comma-separated list of Discord user IDs:
BOT_OWNER_IDS. This includes both the bot and dashboard when they run separately.
Global admin status is independent of any server’s roles. If you’re listed in
BOT_OWNER_IDS, you only gain access to the operator-only pages above. Normal Discord permissions still govern what you can do in your servers.