Servers

Servers, roles, permissions, members, and moderation

Servers are the top-level organizational unit in start.chat. Everything — channels, messages, apps, roles, data — is scoped to a server. Whether you’re running a large open source community, a private team workspace, or just chatting 1:1 with a friend, it’s all a server under the hood.

Server types

Community servers

The primary server type. Create one for your team, open source project, or community. Community servers live at a public URL (/{server-slug}) and can use a custom domain so members access your server at your own URL.

By default, community servers are public — anyone can find and join them. You can make a server private so only people with an invite can join.

Direct messages

When you start a direct message with a friend, a lightweight server is auto-created with a single channel. DMs use the same underlying architecture as community servers, which means they get the same features — reactions, threads, apps, and search all work in DMs too.

Creating a server

Click the ”+” button in the sidebar, choose a name and slug (the slug becomes your URL: /{slug}), and optionally upload an icon.

When a server is created, start.chat automatically sets up two default roles (Admin with full permissions and Team for basic members), a main channel, dedicated system channels for flows, data, and apps, and the built-in HUD AI assistant. The server creator is assigned the Admin role.

Server settings

Admins configure servers through Server Settings, which is organized into several areas.

Profile

The profile tab covers identity and branding. You can set a display name, description, icon (128 x 128px), banner image (2048 x 248px), color tint for the server’s UI theme, and a welcome message that’s shown to new members when they join.

General

The main toggle here is private mode. When enabled, only users with an invite can join, and public channels won’t appear in search for non-members.

Custom domain

You can host your server at your own domain instead of start.chat. Point a CNAME record at start.chat, enter the domain in Server Settings, and verify DNS. Cloudflare in proxy mode handles SSL automatically. Authentication works seamlessly across custom domains — members log in the same way regardless of which domain they use.

Apps

Browse, install, and configure apps. Built-in apps like GitHub, Linear, and Stripe can be installed with one click. You can also manage apps that were generated in conversations.

Agents

Configure AI agents for your server. The built-in HUD agent can be customized with a default model tier, system prompt, and granular ability toggles (search, docs, queries, code, actions, flows, skills). External agents connect via webhook endpoint with their own identity and capabilities — tools like OpenClaw can connect this way. See AI for more on agent configuration.

API keys

API keys provide programmatic access and are tied to a role, inheriting that role’s permissions. This keeps access control consistent — whether an action comes from the UI, an agent, or a script. Keys can be revoked at any time without affecting the role. See the API overview for usage.

Data import/export

Export your server’s apps and data as JSON for backup or migration, and import from a previous export to restore.

Moderation log

Review active bans and mutes, browse the server audit log (which tracks moderation actions, admin changes, and data modifications), and manage member restrictions.

Delete server

Permanently delete a server. Requires double confirmation and cannot be undone.

Members

Joining

Users can join public servers directly from discovery or a link. Private servers require an invite.

Invites

Invites are sent by email from the invite dialog or Server Settings. Each invite expires after 7 days and can optionally pre-assign a role so the user gets that role when they accept. Invite status (pending, accepted, expired) is tracked in the UI. When an invited user signs up or logs in with the matching email, the invite is automatically accepted and they join the server.

Leaving and removal

Members can leave a server at any time. Admins and moderators can kick members (they can rejoin with a new invite), ban them permanently with an optional reason, or mute them for a specified duration. All moderation actions are logged in the audit log.

Roles

Start.chat uses a role-based permission system that aims to be simple by default and powerful when you need it. Every server ships with two roles — Admin and Team — so most servers work without any configuration. But when you need fine-grained control, the system scales to support complex community structures with custom roles, per-channel access, and API keys that inherit role permissions.

Permissions

Each role has seven permission flags:

PermissionWhat it allows
canAdminFull server administration — implies all other permissions
canEditServerChange server settings, profile, and domain
canEditChannelCreate, rename, and delete channels
canEditAppInstall, configure, and remove apps
canModerateKick, ban, and mute members; delete any message
canViewDataView data tables and entries
canEditDataCreate, update, and delete data entries

Permissions are additive. If a user has multiple roles, they get the union of all permissions across those roles.

Default roles

Admin has all permissions enabled. The server creator is assigned this role. The last admin role is protected — it can’t be deleted or downgraded, which prevents accidental lockout.

Team is the basic member role with canViewData enabled. New members receive this role by default when they join.

For many teams and small communities, these two roles are all you need.

Custom roles

When the defaults aren’t enough — maybe you want moderators who can manage members but not install apps, or a “Pro” tier in a community that unlocks private channels — you can create custom roles from Server Settings → Roles → Add Role. Each role has a name, color, optional image, and a set of permission flags. Roles can be reordered by dragging to establish hierarchy, and members can be assigned to roles from the Members tab.

Channel access

Roles control access to private channels. When a channel is marked as private, you choose which roles can see it. Users without a matching role won’t see the channel in their sidebar, search results, or API responses. Read-only channels use the same mechanism — specific roles are granted write access while everyone else can only read.

This means a community can have a free tier (Team role, public channels only), a paid tier (Pro role, access to private channels), and moderators (Moderator role, moderation permissions) — all managed through roles without any custom code.

Moderation

Users with canModerate or canAdmin can take action against members:

ActionEffect
KickRemoves the user. They can rejoin with a new invite.
BanPermanently removes the user with an optional reason. Optionally deletes their messages.
MutePrevents sending messages for a specified duration.

Shared channels

Servers can create shared channels that bridge conversations between two servers. Messages posted in either server appear in both, making cross-team collaboration possible without requiring everyone to join the same server.

Programmatic access

The Server API exposes server management, the Members API handles membership, the Role API manages roles and permissions, the User Roles API manages role assignments, and the Invite API manages invitations. All are accessible via the REST API, SDK, and CLI.