Permissions
Make sure your staff and members can access what they need, nothing more, nothing less.
Here is a list of commands with their default permissions:
Get enrollment information
: everyone (this is a user command, not a slash command)/config
: administrator/delete
: administrator/enroll
: everyone/info
: everyone/login
: everyone/logout
: administrator/subscription
: administrator
To configure permissions for the integration, go to Server Settings -> Integrations -> Exoguard:

Recommendations
Here is a list of recommendations regarding Exoguard command permissions:
Keep
/info
public but restrict it to your commands channel to avoid clutterRestrict
Get enrollment information
if you want to have hidden staff membersKeep
/subscription
restricted, you can be held responsible for the use of stolen vouchersOnly allow assigned roles to
/logout
to avoid cluttering your members' slash commands listSeparate vanity roles (hoist, color, ping) and permission roles, then only assign permission roles
Separate vanity roles and permission roles
Here is an example of separate vanity roles and permission roles:

Make sure your vanity roles are above your permission roles to maintain hierarchy! If you put a permission role above, logged in users can act against logged out users.
You can also have a Staff
role above all to make all your staff hierarchically equal.
Having vanity roles allows your members to know at all time who is part of your staff and who isn't, which will avoid confusion in your community. These are the roles that should have a color and be hoisted, but not hold any permission as they are not assigned and therefore permanent.
Permission roles must be assigned, otherwise there is honestly not much point in using Exoguard for your community. You can make them mentionable instead of the vanity roles if you want to have an "on-call" or "active" staff system, where only logged in staff members will be notified.
Allow users with assigned roles to use the /logout
command
/logout
commandWhile users can always log out by using the big red Log out
button on their login confirmation message, you will certainly want to allow assigned roles to use the /logout command as well.
To do that, click on the /logout command within the Exoguard integration settings:

/logout
permissions override modal, with the Moderator Perms
role allowed.This command is restricted by default since it is completely useless for logged out users. You can safely allow everyone to use it, this would however clutter their slash commands.
Restrict all public commands to make them staff-only
While public commands (aka commands everyone can use) are not dangerous, you may want to prevent your server members from executing them on your server if they aren't part of your staff.
We recommend creating a role without any server permission that you will give to your staff.
In this example, it will be named Staff
but you are obviously free to use whatever name you want.
Once your role is created, set a global override to deny everyone and allow Staff
in the settings:

Staff
role can run commands and everyone else cannot.Once you have restricted all public commands, you can still allow individual commands afterward.
As part of our recommendations, you could allow /info
for everyone in your commands channel.
Last updated