Open

Overview

This feature gives administrators a powerful way to control which users can discover, join, or be invited to a channel based on their profile attribute. This addresses the challenge of managing channel access in large or complex organizations, where manual processes can lead to security risks, inefficiencies, or inappropriate access. By enabling attribute-driven rules for both Public and Private channels, this feature ensures that users only see and access channels relevant to their roles, security clearance, and departments.

Configuration

Enabling Attribute-Based Access

• Channel Settings → Access

  • A new toggle should be added under Channel Access, labeled “Manage access with user properties”.

  • This option will be available for both Public and Private channels.

  • Once the toggle is on, users will have an option to select user properties and specify one or more values for each property. Only users who have those values will get access to the channel.

Open

Adding Properties & Values

• Select Property

  • Clicking “+ Select property” reveals a dropdown listing all available user attributes that can be added. Only Select type custom user attributes will be shown here.

  • Users should be able to search through the available user attributes if there are more than 3 attributes available to choose from.
    
    

     

• Select Values

  • After choosing a property (e.g. Clearance), the admin can pick one or multiple valid values from a dropdown.

  • Multiple values for the same property are combined with OR. So a user can have either of the selected values to get access to the channel.
    
    
    

• Adding multiple properties

  • Users will be able to add multiple properties along with their corresponding values to control channel access.

  • A single global control (dropdown) labeled “Match all / Match any” allows the admin to specify AND or OR logic across different properties.
    
    
    

Property-Level Options

For each property row added, there will be a context menu (•••) which should include:

• Show in Channel Header (toggle)

  • Determines whether tag(s) for selected values appear in the channel header to indicate that those values are necessary for channel access.

• Remove property

  • Removes the entire property restriction row from the channel.

     

Behavioural Rules

Public Channel with attribute based access enabled

• Discoverable and joinable only by users who satisfy the property-based restrictions. If a user does not have the necessary property values assigned, they should not be able to discover the channel in the Browse Channels modal, or be able to join it through any means.

• If a user is already a part of the channel, and then the admin enables attribute based access and configures it to have property values that are not assigned to the user, they should be removed from the channel. We should show a warning to the admin once they Save the configuration and inform them that some users might be removed from the channel.

Private Channels with attribute based access enabled

• Only users who match the properties can be invited to the channel.

• Users who do not have the necessary property values assigned should not show up in the Invite members modal at all.

• There will be a section notice added to the Invite members modal to inform users that attribute based access control is enabled for this channel.

• If a user is already a part of the channel, and then the admin enables attribute based access and configures it to have property values that are not assigned to the user, they should be removed from the channel. We should show a warning to the admin once they Save the configuration and inform them that some users might be removed from the channel.

Displaying property values required for access

Channel Members RHS

• A section should be added at the top of the Channel Members RHS to convey that attribute based access control is enabled for the channel.

• Property values necessary to get access to the channel should also be shown as a flat list in a single row. Hovering on any value should reveal the corresponding property in a tooltip.

• If there are a more property values than what fit in the row, they should be combined into a single +XX tag, with a tooltip showing all the property-value pairs that have been configured for the channel.

• Clicking anywhere on this section should open Channel Settings → Access tab to view more details.

Channel Header

When the admin configures a property with “Show in Channel Header”:

• Tags for all configured values of that property should appear in the Channel Header just before the header text.

• Multiple tags stack horizontally if multiple properties are set to “Show in Channel Header.” Multiple tags may be combined into a single `+XX` tag for smaller screens with space constraints.

• By default, the “Show in Channel Header” toggle should be turned OFF.

Permissions & Roles

• Channel Admin (or System Admin) can configure property-based access:

  • Toggle the feature ON/OFF.

  • Add/remove properties and values.

  • Set “Show in Channel Header.”

• Channel members should be able to view the configured properties and values but will not be able to modify them.

Licensing

Edge cases

If applicable, provide screenshots or description for other edge cases (extremely long labels, connectivity issues, etc)

• Bullet point about edge case

• Bullet point about edge case

• Bullet point about edge case

Resources

• Figma Design File

• Figma Clickable Prototype

• Mobile design spec (if documented separately)

• Jira Ticket

• 1-Pager

Future Enhancements (Not in MVP)

• Nested Logic (combining AND / OR within a single rule set).

• Additional UI touchpoints to show values needed to join a channel.