Permissions
Game permissions let you grant named access tokens to players. Your Roblox experience checks these via the SDK and gates features accordingly.
ℹRequired capabilities
permissions.view to see the permissions page. permissions.assign to grant or revoke permissions from players. permissions.manage to create or delete permission definitions.What are game permissions?#
Game permissions are named flags that can be assigned to specific players. Your admin defines permission types — for example vip, admin, builder — and your in-game scripts call RoPerms.GetPerm(player, "vip") to check whether a player has been granted that permission.
Permissions can also carry typed attributes — key-value pairs attached to a specific assignment. For example, a whitelist permission might have a tier attribute with values like bronze, silver, or gold. The SDK can read attribute values with RoPerms.GetPermAttr(player, "whitelist", "tier").
Permissions page#
The Permissions page in the sidebar has two tabs:
- Definitions — lists all permission types defined for this org. Each shows the key, display name, colour, and how many players currently hold it.
- Assignments — lists every active player-to-permission assignment, searchable by player or permission key.
Assigning a permission to a player#
From the player's profile page, scroll to the Permissions tab and click Grant Permission. Select the permission from the dropdown and fill in any required attributes. Click Confirm to save.
The assignment takes effect immediately — the next time the SDK checks that player's status (or when the cache expires), the new permission is returned.
Revoking a permission#
On the player profile's Permissions tab, click the Revoke button next to an active permission. The change is immediate. An audit entry is written recording who revoked it.
Permission attributes#
Attributes are extra data attached to a permission assignment for one specific player. Your org admin defines the attribute schema when creating the permission type. Common attribute types include:
- Text — free-form string (e.g., a colour hex code).
- Number — a numeric value (e.g., time limit in minutes).
- Boolean — true/false flag.
- Enum — one value from a fixed list (e.g., tier: bronze/silver/gold).
When granting a permission that has defined attributes, you will see fields for each attribute in the grant form.
Reading attributes in-game
Your Roblox scripts can read individual attribute values or the full attribute map:
RoPerms.GetPermAttr(player, "perm_key", "attr_key")— single value.RoPerms.GetPermAttrs(player, "perm_key")— all attributes as a table.
Creating permission definitions#
If you hold the permissions.manage capability, you can create new permission types from the Definitions tab. Fill in:
- Key — the identifier used in SDK calls (lowercase, no spaces).
- Display name — human-readable label shown in the dashboard.
- Colour — hex colour used for the chip on player profiles.
- Attributes — optional schema for typed key-value data.
⚠Key immutability
Caching#
The SDK caches permission data per player for a configurable duration (default 60 seconds). Changes made in the dashboard are reflected in-game within that window. You can force an immediate refresh for a specific player using the RoPerms.Invalidate(player)call from a Script, or via the Dashboard's "Invalidate cache" button on the player profile.