Discord
Discover installed apps & bots, tokens and **OAuth2 scopes**, privileged **Gateway intents**, guilds/servers, channels/threads, roles & permissions, webhooks, slash commands and audit log signals. Govern non-human identities and their effective access — stop risky actions before impact.
What the connector discovers
- Applications, Bots & Tokens
Registered apps & bot accounts, OAuth2 grants, bot tokens (metadata only), owner/team, install timestamps, scopes (identify, bot, applications.commands, webhooks.incoming…).
- Gateway Intents (privileged)
Presence, Server Members, Message Content — where enabled; audit for necessity vs. risk and usage coverage.
- Guilds / Channels / Threads
Server inventory, channels (text/voice/stage/thread), private vs public, permission overwrites and category inheritance.
- Roles, Permissions & Overwrites
Role hierarchy, effective permission bitfields at channel scope; admin-like permissions (Administrator, Manage Webhooks/Channels/Roles, Read Message History, Attach Files).
- Webhooks, Slash Commands & Integrations
Incoming webhooks, applications.commands (slash), component interactions; cross-server automations and data egress risks.
- Audit Log & Security Signals
Guild audit log events: app installs/removals, role changes, webhook creations, permission overwrites; anomalous usage windows.
Discord bots automate collaboration and can exfiltrate files/messages at scale. ClarioSec turns this into **runtime governance**: drift-aware scoring, pre-execution controls and audit-grade narratives.
Drift-aware risk scoring
Baselines per bot/app; peer groups by team; detect scope expansion, privileged intents enablement, broad channel reach, dormant tokens and anomalous message/file flows.
Pre-execution enforcement
Allow / Alert / Block / Approve with governed overrides. Scope minimization for bots, token revocation on risk, and JIT approvals before sensitive message posting or webhook creation.
Audit-grade narratives
Each decision yields **rule → reason → proof → control map** (SOC 2, GDPR, ISO/IEC 27001 & 42001, AI Act), including before/after scopes, affected channels/webhooks and owner context.
Connect Discord
Use a Discord **application + bot** installed via **OAuth2** with minimum scopes. ClarioSec reads configuration via the REST API; no message content ingestion is required for discovery.
- 1) Create an application & bot
discord.com/developers → Applications → New Application → Bot tab → Add bot. Store the Application ID and bot token (keep the token secret).
- 2) Configure OAuth2
Enable scopes: bot, applications.commands (and identify if needed). Add only essential bot permissions; avoid Administrator unless strictly necessary.
- 3) Intents (privileged if required)
Disable MESSAGE CONTENT / SERVER MEMBERS unless justified; ClarioSec will flag privileged intents for review.
- 4) Add credentials in ClarioSec
Paste the Application (client) ID, optional client secret, and bot token (stored per-tenant). We honor Discord rate limits and apply backoff.
High-value signals via the Discord REST API (metadata only):
- Applications, bots, OAuth2 scopes, token metadata (no token values persisted in plaintext)
- Guilds/servers, channels/threads, permission overwrites, roles & role hierarchy
- Webhooks, slash commands, integrations, cross-posting hooks (metadata only)
- Audit log events (where accessible), rate-limit windows, anomaly hints
Endpoint family: OAuth2, Applications, Guilds, Channels, Roles/Permissions, Webhooks, Audit Log (read).
- Over-privileged bots
Bots granted Administrator or broad channel permissions; unused privileged intents left enabled.
- Webhook exfiltration
Incoming webhooks posting to private channels, cross-server piping, or public link exposures.
- Dormant/ownerless apps
Apps with no accountable owner team, stale tokens or abandoned integrations.
- Dangerous permission overwrites
Channel-level overwrites that grant Write/Manage permissions to broad roles.
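As an added example (not ClarioSec's code), the following Python walks Discord's documented permission-resolution order (base roles first, then the @everyone, role and member overwrites of a channel) to compute a bot's effective bitfield in one channel and flag the admin-like bits named above. The guild, role and overwrite values are constructed sample data; the bit values are the ones Discord documents.

```python
# Added example (not ClarioSec's code): resolve a bot's effective permission
# bitfield in a channel using Discord's documented overwrite order, then flag
# admin-like bits. Bit values are the ones Discord documents.
ADMINISTRATOR, MANAGE_CHANNELS, MANAGE_GUILD = 1 << 3, 1 << 4, 1 << 5
VIEW_CHANNEL, SEND_MESSAGES = 1 << 10, 1 << 11
ATTACH_FILES, READ_MESSAGE_HISTORY = 1 << 15, 1 << 16
MANAGE_ROLES, MANAGE_WEBHOOKS = 1 << 28, 1 << 29
ALL = (1 << 41) - 1          # sentinel "every bit": what Administrator implies
ADMIN_LIKE = {
    "Administrator": ADMINISTRATOR, "Manage Channels": MANAGE_CHANNELS,
    "Manage Roles": MANAGE_ROLES, "Manage Webhooks": MANAGE_WEBHOOKS,
    "Read Message History": READ_MESSAGE_HISTORY, "Attach Files": ATTACH_FILES,
}

def base_permissions(guild, member_roles):
    """OR of @everyone and every role the bot holds; Administrator means all."""
    perms = guild["roles"][guild["id"]]            # @everyone role id == guild id
    for rid in member_roles:
        perms |= guild["roles"][rid]
    return ALL if perms & ADMINISTRATOR else perms

def effective_permissions(guild, member_id, member_roles, overwrites):
    """Apply channel overwrites in Discord's order: @everyone, roles, member.
    overwrites maps role/member id -> (allow_bits, deny_bits)."""
    perms = base_permissions(guild, member_roles)
    if perms & ADMINISTRATOR:
        return ALL                                  # overwrites cannot restrict an admin
    allow, deny = overwrites.get(guild["id"], (0, 0))
    perms = (perms & ~deny) | allow
    allow = deny = 0
    for rid in member_roles:                        # role overwrites are aggregated
        a, d = overwrites.get(rid, (0, 0))
        allow, deny = allow | a, deny | d
    perms = (perms & ~deny) | allow
    allow, deny = overwrites.get(member_id, (0, 0))
    return (perms & ~deny) | allow

def admin_like_grants(perms):
    """Names of admin-like bits present in an effective bitfield (sorted)."""
    return sorted(name for name, bit in ADMIN_LIKE.items() if perms & bit)

# Constructed sample: guild 100 (@everyone role 100), broad role 200 "bots",
# bot member 300. The channel overwrite denies Send Messages to @everyone but
# grants Manage Webhooks to the whole "bots" role: the overwrite pattern above.
GUILD = {"id": 100, "roles": {100: VIEW_CHANNEL | SEND_MESSAGES, 200: ATTACH_FILES}}
CHANNEL_OVERWRITES = {100: (0, SEND_MESSAGES), 200: (MANAGE_WEBHOOKS, 0)}

if __name__ == "__main__":
    p = effective_permissions(GUILD, 300, [200], CHANNEL_OVERWRITES)
    print(hex(p), admin_like_grants(p))
```

Running the same resolution over every channel a bot can see, and diffing the result against a stored baseline, is what turns a one-off check into the drift detection described above.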
- Just-in-time approvals for new bot installs, scope upgrades & privileged intents
- Automatic permission minimization and token revocation (dormant/risky)
- Owner attestations for apps, webhooks & commands
- Audit-grade narratives mapped to SOC 2 / GDPR / ISO / AI Act
Ready to govern Discord bots and webhooks at runtime?
Move from app posture to provable behavior — identity → scope/intent → action → narrative.