Add a Custom Role

A custom role assigns a named set of permissions to MQTT clients. Assign one role to multiple clients to manage access efficiently and ensure consistent permissions across clients with similar responsibilities. For more information, see Role-Based Access Control.

Custom roles require a Starter plan or above.
The HiveMQ Platform caches roles for 24 hours. Changes to a role take up to 1 day to become active. To ensure clients connect with updated permissions, delete the old role and create a new one.

To open role settings, follow the steps in Configure Access Management, then switch to Access Management > Authorization > Roles.

  1. Click Add Role.

  2. In Name, type a unique name.

  3. In Description, type a description of what access this role allows.

  4. In Permissions, select all permissions required for this role.

    The Permissions list contains all HiveMQ default permissions and any custom permissions you created. To add more permissions to the list, see Add a Permission.
  5. Click Add.

The custom role appears in the Roles list after the predefined default role.