Skip to main content


RBAC (Role-Based Access Control) allows you to control what your collaborators can access.

By default, Botpress ships with three roles in addition to the administrator: developer, content editor, and agent.

Extra Roles

Adding a New Role

In the <data>/global/workspaces.json file, you'll find the roles property, which is an array of all the roles you can assign to the collaborators on your workspace. You can add, remove, and edit roles by modifying this array directly.


The rules which govern the users' rights are executed sequentially from first to last. For example, you can assign the following rules:

  1. +r-w on *
  2. +w on bot.content
  3. -r on bot.flows

With the rules above, the user will see everything but the flows and won't be able to change anything but content.

Operations (op)

Below are the access levels which Botpress can configure for a user.

+rGrant read
-rRevoke read
+wGrant write
-wRevoke write

Available Resources (res)

Below are the resources and interfaces to which you can give your chatbot studio users access.

bot.\* All bots inside the workspace
bot.logs The runtime logs
bot.skillsThe flow skills
bot.mediaFile uploads (via the CMS)
bot.contentThe CMS elements (what the bot says)
bot.flowsThe flow editor
bot.informationInformation about the bot
admin.\*The admin dashboard (/admin)
admin.users Admin collaborators
admin.rolesAssigning roles ro collaborators
admin.botsCreating bots and changing their information
module.\*Global access to all modules

Modules only support a single top-level resource and one operation: write. Define as module.MODULE_ID, for example, module.hitl or module.code-editor.


"id": "hitl",
"name": "Human in the Loop",
"description": "Can view and respond to users by using the HITL module",
"rules": [
"res": "*",
"op": "+r"
"res": "module.hitl",
"op": "+r+w"