Access Control Blueprints
Permissions, roles, and access control blueprints.
| Blueprint | Description | Version |
|---|---|---|
| Admin Panel | Administrative dashboard for user management, account linking, notification broadcasting, and system configuration | 1.0.0 |
| Data Privacy Compliance | GDPR/CCPA compliance with consent management, data export, right to erasure, and cookie consent | 1.0.0 |
| Fine Grained Authorization | Resource-based and policy-based authorization | 1.0.0 |
| Fleet Device Sharing | Control which users can see and operate which GPS devices through an ACL permission model, with hierarchical device groups that inherit configuration and enable bulk sharing, user restrictions to l… | 1.0.0 |
| Guest Accounts | Restricted user accounts that can be invited to specific channels only, cannot access broader workspace content, and are automatically removed from a workspace when they have no remaining channel… | 1.0.0 |
| Guest Room Access | Allow unauthenticated guest users to access rooms without a full account. Room owners control guest access via a state event. Revoking access removes existing guests. | 1.0.0 |
| Openclaw Gateway Authentication | Multi-mode gateway authentication with rate limiting, device tokens, and Tailscale VPN integration | 1.0.0 |
| Payload Access Control | Function-based access control with collection-level, field-level, and document-level permissions supporting boolean and WHERE clause results | 1.0.0 |
| Permission Scheme Management | Named collections of default role assignments that can be applied to workspaces or channels to customize the permission baseline for all members, replacing system-wide role defaults with… | 1.0.0 |
| Rate Limiting | Configurable request throttling with multiple scopes and algorithms to protect APIs from abuse | 1.0.0 |
| Role Based Access | Role-based access control with hierarchical permission inheritance | 1.0.0 |
| Role Based Access Control | Three-tier RBAC system where permissions are granted through roles assigned at system, workspace, and channel scopes. Roles are additive and hierarchical. | 1.0.0 |
| Room Invitations | Controls how users enter rooms via invitation, direct join, or knock. Enforces join rules and rate-limits invitations. Supports third-party invitations via identity servers. | 1.0.0 |
| Room Power Levels | Fine-grained numeric permission system controlling which users may send event types and perform membership actions. Higher numbers grant broader permissions. | 1.0.0 |
| Team Organization | Multi-tenant organization and team management with member invitations and data isolation | 1.0.0 |
| User Consent Management | OAuth/OIDC consent tracking and enforcement | 1.0.0 |
| User Deactivation Archiving | Controlled suspension and permanent deletion of user accounts, preserving message history and audit trails on soft-deactivation while supporting hard deletion for GDPR right-to-erasure requests. | 1.0.0 |
| User Groups Organizations | Hierarchical groups with role inheritance | 1.0.0 |