Skip to contentSkip to navigationSkip to topbar
On this page

Flex Conversations Roles

Flex Conversations use Conversations API roles to manage participant permissions when adding participants to a Conversation or when using the Conversations SDK to connect.

The Role Resource represents what a User (e.g. agent, admin, supervisor) can do within the Conversation Service and individual Conversations. Roles are scoped to either a Service or a Conversation.

Flex Conversation Service

flex-conversation-service page anchor

Users are assigned a Role at the Service level. This determines what they can do within the Conversation Service instance, such as creating and destroying Conversations within the Service.

Participants are assigned a Role at the Conversation level. This determines what they are able to do within a particular Conversation, such as inviting Participants to be members of the Conversation, posting Messages, and removing other Participants from the Conversation.

Which Roles does Flex create out-of-the-box?

which-roles-does-flex-create-out-of-the-box page anchor

Flex creates the Conversation Service and adds the following Service and Conversation Roles during the initial Flex account setup.

Service Roles

service-roles page anchor

Role: admin

Default Permissions:

  • joinConversation
  • deleteConversation
  • addParticipant
  • removeParticipant
  • editConversationAttributes
  • editOwnUserInfo
  • editAnyUserInfo

Role: supervisor

Default Permissions:

  • joinConversation
  • addParticipant
  • removeParticipant
  • editOwnUserInfo

Conversation Roles

conversation-roles page anchor

Role: guest [DEFAULT]

Default Permissions:

  • sendMessage
  • sendMediaMessage
  • leaveConversation

Role: agent

Default Permissions:

  • editConversationAttributes
  • sendMessage
  • sendMediaMessage
  • leaveConversation
  • editOwnMessage
  • editOwnMessageAttributes
  • deleteOwnMessage

Role: admin

Default Permissions:

  • editConversationAttributes
  • sendMessage
  • sendMediaMessage
  • leaveConversation
  • editOwnMessage
  • editOwnMessageAttributes
  • deleteOwnMessage
  • editAnyMessage
  • editAnyMessageAttributes
  • deleteAnyMessage

Role: supervisor

Default Permissions:

  • editConversationAttributes
  • sendMessage
  • sendMediaMessage
  • leaveConversation
  • editOwnMessage
  • editOwnMessageAttributes
  • deleteOwnMessage
  • editAnyMessage
  • editAnyMessageAttributes
  • deleteAnyMessage

How does Flex use these Roles?

how-does-flex-use-these-roles page anchor

The first time a worker logs in, Flex creates a corresponding Conversation User.

  • For workers authenticating through the Twilio Console, the corresponding Flex Conversation Service User will be created with the admin role.
  • For workers authenticating via a third-party IdP (identity provider), Flex creates a corresponding Conversation Service User according to their SSO role: agent, supervisor, or admin.

Once a worker logs in successfully, the Flex UI initializes the Conversations SDK with a token that includes the grants:

  • The token includes Flex Roles grants based on the user role (agent/supervisor/admin) that is set in the IdP.
  • The Conversation User Service Role is updated (in the Conversations Users database) based on the Flex Role grants (an agent can be promoted to a supervisor, or vice versa).

Known limitations

known-limitations page anchor
  • Regardless of what role you have as a Flex user, Flex Conversations uses the default configured role — guest — when adding the user to a Conversation or Chat Task.
  • Conversations limits also apply to Flex Conversations limits.