Introduction
Privileged Intents provide access to sensitive user data. Using them responsibly is essential for maintaining user trust and complying with Discord's requirements.
⚠️ Please note: We cannot provide guidance on specific use cases for any Privileged Intent. This guide offers general principles instead.
Key Principles for Responsible Use
Practice Principles of Least Privilege
- Request only the intents your application fundamentally needs. Learn more about the different types of Privileged Intents in the What Are Privileged Intents article.
- Consider alternative API endpoints that might accomplish your goals without privileged data. Please see our article on Message Content Intent Alternatives.
Be Sensitive to Information Handling
-
For anonymous/aggregated data:
- Limit access to only those who need it
- Implement proper access controls within your team
- Control visibility based on server roles and permissions
-
For individual user data:
- Provide clear mechanisms for users to request data deletion
- Delete user data as soon as possible (30 days is our recommended maximum)
- Always encrypt personally identifiable information (email, phone, address, etc.)
Control Access Carefully
- Remember that Discord servers are often considered private spaces by users
- Limit who on your team can access server data
- When showing server data to users:
- Restrict visibility to server members with appropriate permissions
- Consider what level of detail is appropriate for different roles
Meet User Expectations
- Respect user expectations regarding data usage. Transparency builds trust.
- Ask yourself "Would users be concerned by how I'm using their data?"
- If you can't confidently answer "no," reconsider your approach
Need Help?
After reviewing this guide and our Developer Documentation on Gateway Intents, if you have questions, please reach out to our Developer Support team.