---
title: Access Control
description: Learn how to configure fine-grained access control for NoLag topics.
---

# Access Control

Control who can publish and subscribe to topics with fine-grained access control lists (ACLs).

## ACL Basics

Each topic can have separate permissions for publishing and subscribing. This allows you to create read-only channels, write-only endpoints, or fully open topics.

## Permission Levels

Each actor's access to a topic is defined by one of these permission levels:

| Permission | Description |
| --- | --- |
| `subscribe` | Can only subscribe to the topic (read-only) |
| `publish` | Can only publish to the topic (write-only) |
| `pubSub` | Can both publish and subscribe (full access) |

## Configuring ACLs

ACLs are configured through the NoLag Dashboard or Portal, not programmatically via the SDK. The JS SDK does not include a topics management API.

```typescript [TypeScript]
// Access control is configured through the NoLag Dashboard or Portal,
// not programmatically via the JS SDK.
//
// The SDK does not expose a topics management API.
// To configure ACLs:
//   1. Go to the NoLag Dashboard
//   2. Navigate to your App > Topics
//   3. Set publish/subscribe permissions per topic
//
// When connecting via the SDK, permission is enforced automatically:
import { NoLag } from '@nolag/js-sdk'

const client = NoLag('your_access_token')
await client.connect()

const room = client.setApp('my-app').setRoom('general')

// This will only succeed if the actor has 'subscribe' or 'pubSub' permission
room.subscribe('announcements')

// This will only succeed if the actor has 'publish' or 'pubSub' permission
room.emit('chat', { text: 'Hello!' })
```
```python [Python]
# Access control is configured through the NoLag Dashboard or Portal,
# not programmatically via the SDK.
#
# The SDK does not expose a topics management API.
# To configure ACLs:
#   1. Go to the NoLag Dashboard
#   2. Navigate to your App > Topics
#   3. Set publish/subscribe permissions per topic
#
# When connecting via the SDK, permission is enforced automatically:
from nolag import NoLag

client = NoLag('your_access_token')
await client.connect()

room = client.set_app('my-app').set_room('general')

# This will only succeed if the actor has 'subscribe' or 'pubSub' permission
await room.subscribe('announcements')

# This will only succeed if the actor has 'publish' or 'pubSub' permission
await room.emit('chat', {'text': 'Hello!'})
```
```go [Go]
// Access control is configured through the NoLag Dashboard or Portal,
// not programmatically via the SDK.
//
// The SDK does not expose a topics management API.
// To configure ACLs:
//   1. Go to the NoLag Dashboard
//   2. Navigate to your App > Topics
//   3. Set publish/subscribe permissions per topic
//
// When connecting via the SDK, permission is enforced automatically:
client := nolag.New("your_access_token")
client.Connect()

room := client.SetApp("my-app").SetRoom("general")

// This will only succeed if the actor has "subscribe" or "pubSub" permission
room.Subscribe("announcements", func(data any, meta nolag.MessageMeta) {
    fmt.Println("Announcement:", data)
})

// This will only succeed if the actor has "publish" or "pubSub" permission
room.Emit("chat", map[string]string{"text": "Hello!"})
```

## Common Patterns

### Broadcast Channel

Server actors publish announcements, clients subscribe to receive them:

- Server actors: `publish`
- Client actors: `subscribe`

### Chat Room

All participants can read and write messages:

- All actors: `pubSub`

### Private Notifications

Server sends notifications, user reads them:

- Server actors: `publish`
- User actor: `subscribe`

## Next Steps

- [Authentication Guide](/docs/authentication)
- [Topics & Pub/Sub](/docs/concepts/topics)
